diff --git a/Makefile-libostree.am b/Makefile-libostree.am index 7f2e2a4a..61ad1f4a 100644 --- a/Makefile-libostree.am +++ b/Makefile-libostree.am @@ -155,24 +155,25 @@ libostree_1_la_SOURCES += \ $(NULL) endif +symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym +if BUILDOPT_IS_DEVEL_BUILD +symbol_files += $(top_srcdir)/src/libostree/libostree-devel.sym +endif +if ENABLE_EXPERIMENTAL_API +symbol_files += $(top_srcdir)/src/libostree/libostree-experimental.sym +endif +# http://blog.jgc.org/2007/06/escaping-comma-and-space-in-gnu-make.html +wl_versionscript_arg = -Wl,--version-script= +EXTRA_DIST += $(symbol_files) + libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff -I$(srcdir)/libglnx -I$(srcdir)/src/libotutil -I$(srcdir)/src/libostree -I$(builddir)/src/libostree \ $(OT_INTERNAL_GIO_UNIX_CFLAGS) $(OT_INTERNAL_GPGME_CFLAGS) $(OT_DEP_LZMA_CFLAGS) $(OT_DEP_ZLIB_CFLAGS) $(OT_DEP_OPENSSL_CFLAGS) \ -fvisibility=hidden '-D_OSTREE_PUBLIC=__attribute__((visibility("default"))) extern' -libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions -Wl,--version-script=$(top_srcdir)/src/libostree/libostree.sym +libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions $(addprefix $(wl_versionscript_arg),$(symbol_files)) libostree_1_la_LIBADD = libotutil.la libglnx.la libbsdiff.la libostree-kernel-args.la $(OT_INTERNAL_GIO_UNIX_LIBS) $(OT_INTERNAL_GPGME_LIBS) \ $(OT_DEP_LZMA_LIBS) $(OT_DEP_ZLIB_LIBS) $(OT_DEP_OPENSSL_LIBS) libostree_1_la_LIBADD += $(bupsplitpath) -EXTRA_libostree_1_la_DEPENDENCIES = $(top_srcdir)/src/libostree/libostree.sym - -EXTRA_DIST += \ - src/libostree/libostree.sym \ - src/libostree/libostree-experimental.sym \ - $(NULL) - -if ENABLE_EXPERIMENTAL_API -libostree_1_la_LDFLAGS += -Wl,--version-script=$(top_srcdir)/src/libostree/libostree-experimental.sym -EXTRA_libostree_1_la_DEPENDENCIES += $(top_srcdir)/src/libostree/libostree-experimental.sym -endif +EXTRA_libostree_1_la_DEPENDENCIES = $(symbol_files) if USE_LIBARCHIVE libostree_1_la_CFLAGS += $(OT_DEP_LIBARCHIVE_CFLAGS) diff --git a/Makefile-man.am b/Makefile-man.am index bdc78947..7996d2d5 100644 --- a/Makefile-man.am +++ b/Makefile-man.am @@ -29,7 +29,10 @@ ostree-commit.1 ostree-export.1 ostree-gpg-sign.1 ostree-config.1 \ ostree-diff.1 ostree-fsck.1 ostree-init.1 ostree-log.1 ostree-ls.1 \ ostree-prune.1 ostree-pull-local.1 ostree-pull.1 ostree-refs.1 \ ostree-remote.1 ostree-reset.1 ostree-rev-parse.1 ostree-show.1 \ -ostree-summary.1 ostree-static-delta.1 ostree-trivial-httpd.1 +ostree-summary.1 ostree-static-delta.1 +if BUILDOPT_TRIVIAL_HTTPD +man1_files += ostree-trivial-httpd.1 +endif if BUILDOPT_FUSE man1_files += rofiles-fuse.1 diff --git a/Makefile-tests.am b/Makefile-tests.am index 89675288..4261fa7c 100644 --- a/Makefile-tests.am +++ b/Makefile-tests.am @@ -27,7 +27,7 @@ EXTRA_DIST += \ # We should probably consider flipping the default for DEBUG. Also, # include the builddir in $PATH so we find our just-built ostree # binary. -TESTS_ENVIRONMENT += OT_TESTS_DEBUG=1 \ +AM_TESTS_ENVIRONMENT += OT_TESTS_DEBUG=1 \ OSTREE_UNINSTALLED_SRCDIR=$(abs_top_srcdir) \ OSTREE_UNINSTALLED=$(abs_top_builddir) \ G_DEBUG=fatal-warnings \ @@ -37,7 +37,7 @@ TESTS_ENVIRONMENT += OT_TESTS_DEBUG=1 \ OSTREE_FEATURES="$(OSTREE_FEATURES)" \ $(NULL) if BUILDOPT_ASAN -TESTS_ENVIRONMENT += OT_SKIP_READDIR_RAND=1 G_SLICE=always-malloc +AM_TESTS_ENVIRONMENT += OT_SKIP_READDIR_RAND=1 G_SLICE=always-malloc endif uninstalled_test_data = tests/ostree-symlink-stamp tests/ostree-prepare-root-symlink-stamp \ @@ -82,6 +82,7 @@ _installed_or_uninstalled_test_scripts = \ tests/test-local-pull-depth.sh \ tests/test-gpg-signed-commit.sh \ tests/test-admin-upgrade-unconfigured.sh \ + tests/test-admin-upgrade-endoflife.sh \ tests/test-admin-deploy-syslinux.sh \ tests/test-admin-deploy-2.sh \ tests/test-admin-deploy-karg.sh \ diff --git a/Makefile.in b/Makefile.in index b0d766e6..b93745c3 100644 --- a/Makefile.in +++ b/Makefile.in @@ -394,7 +394,7 @@ check_PROGRAMS = $(am__EXEEXT_9) $(am__EXEEXT_10) $(am__EXEEXT_11) @ENABLE_EXPERIMENTAL_API_FALSE@ src/libostree/ostree-remote.h \ @ENABLE_EXPERIMENTAL_API_FALSE@ $(NULL) -@ENABLE_EXPERIMENTAL_API_TRUE@am__append_22 = -Wl,--version-script=$(top_srcdir)/src/libostree/libostree-experimental.sym +@BUILDOPT_IS_DEVEL_BUILD_TRUE@am__append_22 = $(top_srcdir)/src/libostree/libostree-devel.sym @ENABLE_EXPERIMENTAL_API_TRUE@am__append_23 = $(top_srcdir)/src/libostree/libostree-experimental.sym @USE_LIBARCHIVE_TRUE@am__append_24 = $(OT_DEP_LIBARCHIVE_CFLAGS) @USE_LIBARCHIVE_TRUE@am__append_25 = $(OT_DEP_LIBARCHIVE_LIBS) @@ -475,9 +475,10 @@ check_PROGRAMS = $(am__EXEEXT_9) $(am__EXEEXT_10) $(am__EXEEXT_11) # We're using the system grub2-mkconfig generator @BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_70 = src/boot/grub2/grub2-15_ostree @BUILDOPT_BUILTIN_GRUB2_MKCONFIG_FALSE@am__append_71 = install-grub2-config-hook -@BUILDOPT_FUSE_TRUE@@ENABLE_MAN_TRUE@am__append_72 = rofiles-fuse.1 -@ENABLE_MAN_TRUE@am__append_73 = $(man1_MANS) $(man5_MANS) $(man1_MANS:.1=.xml) $(man5_MANS:.5=.xml) -@ENABLE_MAN_TRUE@am__append_74 = \ +@BUILDOPT_TRIVIAL_HTTPD_TRUE@@ENABLE_MAN_TRUE@am__append_72 = ostree-trivial-httpd.1 +@BUILDOPT_FUSE_TRUE@@ENABLE_MAN_TRUE@am__append_73 = rofiles-fuse.1 +@ENABLE_MAN_TRUE@am__append_74 = $(man1_MANS) $(man5_MANS) $(man1_MANS:.1=.xml) $(man5_MANS:.5=.xml) +@ENABLE_MAN_TRUE@am__append_75 = \ @ENABLE_MAN_TRUE@ $(man1_MANS) \ @ENABLE_MAN_TRUE@ $(man5_MANS) \ @ENABLE_MAN_TRUE@ $(NULL) @@ -1497,6 +1498,7 @@ am__EXEEXT_17 = tests/test-basic.sh tests/test-basic-user.sh \ tests/test-pull-override-url.sh tests/test-local-pull.sh \ tests/test-local-pull-depth.sh tests/test-gpg-signed-commit.sh \ tests/test-admin-upgrade-unconfigured.sh \ + tests/test-admin-upgrade-endoflife.sh \ tests/test-admin-deploy-syslinux.sh \ tests/test-admin-deploy-2.sh tests/test-admin-deploy-karg.sh \ tests/test-admin-deploy-switch.sh \ @@ -1818,15 +1820,14 @@ CLEANFILES = $(am__append_13) $(BUILT_SOURCES) $(am__append_42) \ tests/ostree-remount-symlink-stamp \ tests/rofiles-fuse-symlink-stamp tests/ostree \ tests/ostree-prepare-root tests/ostree-remount \ - tests/rofiles-fuse $(am__append_74) + tests/rofiles-fuse $(am__append_75) EXTRA_DIST = $(all_dist_test_scripts) $(all_dist_test_data) autogen.sh \ COPYING README.md $(am__append_15) libglnx/README.md \ libglnx/COPYING libglnx/libglnx.m4 $(NULL) \ libglnx/Makefile-libglnx.am bsdiff/bsdiff.h bsdiff/bspatch.h \ bsdiff/LICENSE bsdiff/README.md bsdiff/Makefile-bsdiff.am \ - $(am__append_17) src/libostree/libostree.sym \ - src/libostree/libostree-experimental.sym $(NULL) \ - src/libostree/README-gpg src/libostree/bupsplit.h \ + $(am__append_17) $(symbol_files) src/libostree/README-gpg \ + src/libostree/bupsplit.h \ src/libostree/ostree-enumtypes.h.template \ src/libostree/ostree-enumtypes.c.template \ src/libostree/ostree-deployment-private.h \ @@ -1840,7 +1841,7 @@ EXTRA_DIST = $(all_dist_test_scripts) $(all_dist_test_data) autogen.sh \ src/boot/mkinitcpio/ostree \ src/boot/ostree-prepare-root.service \ src/boot/ostree-remount.service src/boot/grub2/grub2-15_ostree \ - src/boot/grub2/ostree-grub-generator $(NULL) $(am__append_73) + src/boot/grub2/ostree-grub-generator $(NULL) $(am__append_74) bin_SCRIPTS = lib_LTLIBRARIES = libostree-1.la pkglibexec_SCRIPTS = $(am__append_70) @@ -1862,7 +1863,7 @@ ostree_bootdir = $(prefix)/lib/ostree # We should probably consider flipping the default for DEBUG. Also, # include the builddir in $PATH so we find our just-built ostree # binary. -TESTS_ENVIRONMENT = G_TEST_SRCDIR="$(abs_srcdir)" \ +AM_TESTS_ENVIRONMENT = G_TEST_SRCDIR="$(abs_srcdir)" \ G_TEST_BUILDDIR="$(abs_builddir)" UNINSTALLEDTESTS=1 \ G_DEBUG=gc-friendly MALLOC_CHECK_=2 \ MALLOC_PERTURB_=$$(($${RANDOM:-256} % 256)) OT_TESTS_DEBUG=1 \ @@ -2119,6 +2120,10 @@ libostree_1_la_SOURCES = src/libostree/ostree-async-progress.c \ src/libostree/ostree-autocleanups.h $(NULL) $(am__append_19) \ $(am__append_20) $(am__append_21) $(am__append_28) \ $(am__append_29) $(am__append_32) +symbol_files = $(top_srcdir)/src/libostree/libostree-released.sym \ + $(am__append_22) $(am__append_23) +# http://blog.jgc.org/2007/06/escaping-comma-and-space-in-gnu-make.html +wl_versionscript_arg = -Wl,--version-script= libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff \ -I$(srcdir)/libglnx -I$(srcdir)/src/libotutil \ -I$(srcdir)/src/libostree -I$(builddir)/src/libostree \ @@ -2128,17 +2133,14 @@ libostree_1_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/bsdiff \ '-D_OSTREE_PUBLIC=__attribute__((visibility("default"))) \ extern' $(am__append_24) $(am__append_26) $(am__append_30) \ $(am__append_33) $(am__append_35) $(am__append_37) -libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions \ - -Wl,--version-script=$(top_srcdir)/src/libostree/libostree.sym \ - $(am__append_22) +libostree_1_la_LDFLAGS = -version-number 1:0:0 -Bsymbolic-functions $(addprefix $(wl_versionscript_arg),$(symbol_files)) libostree_1_la_LIBADD = libotutil.la libglnx.la libbsdiff.la \ libostree-kernel-args.la $(OT_INTERNAL_GIO_UNIX_LIBS) \ $(OT_INTERNAL_GPGME_LIBS) $(OT_DEP_LZMA_LIBS) \ $(OT_DEP_ZLIB_LIBS) $(OT_DEP_OPENSSL_LIBS) $(bupsplitpath) \ $(am__append_25) $(am__append_27) $(am__append_31) \ $(am__append_34) $(am__append_36) $(am__append_38) -EXTRA_libostree_1_la_DEPENDENCIES = \ - $(top_srcdir)/src/libostree/libostree.sym $(am__append_23) +EXTRA_libostree_1_la_DEPENDENCIES = $(symbol_files) @BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_EXPORT_PACKAGES = ostree-1 @BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_INCLUDES = Gio-2.0 @BUILDOPT_INTROSPECTION_TRUE@OSTree_1_0_gir_CFLAGS = $(libostree_1_la_CFLAGS) @@ -2277,6 +2279,7 @@ _installed_or_uninstalled_test_scripts = tests/test-basic.sh \ tests/test-pull-override-url.sh tests/test-local-pull.sh \ tests/test-local-pull-depth.sh tests/test-gpg-signed-commit.sh \ tests/test-admin-upgrade-unconfigured.sh \ + tests/test-admin-upgrade-endoflife.sh \ tests/test-admin-deploy-syslinux.sh \ tests/test-admin-deploy-2.sh tests/test-admin-deploy-karg.sh \ tests/test-admin-deploy-switch.sh \ @@ -2441,8 +2444,8 @@ tests_test_gpg_verify_result_LDADD = $(TESTS_LDADD) $(OT_INTERNAL_GPGME_LIBS) @ENABLE_MAN_TRUE@ ostree-pull.1 ostree-refs.1 ostree-remote.1 \ @ENABLE_MAN_TRUE@ ostree-reset.1 ostree-rev-parse.1 \ @ENABLE_MAN_TRUE@ ostree-show.1 ostree-summary.1 \ -@ENABLE_MAN_TRUE@ ostree-static-delta.1 ostree-trivial-httpd.1 \ -@ENABLE_MAN_TRUE@ $(am__append_72) +@ENABLE_MAN_TRUE@ ostree-static-delta.1 $(am__append_72) \ +@ENABLE_MAN_TRUE@ $(am__append_73) @ENABLE_MAN_TRUE@man5_files = ostree.repo.5 ostree.repo-config.5 @ENABLE_MAN_TRUE@man1_MANS = $(addprefix man/,$(man1_files)) @ENABLE_MAN_TRUE@man5_MANS = $(addprefix man/,$(man5_files)) @@ -6789,6 +6792,13 @@ tests/test-admin-upgrade-unconfigured.sh.log: tests/test-admin-upgrade-unconfigu --log-file $$b.log --trs-file $$b.trs \ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ "$$tst" $(AM_TESTS_FD_REDIRECT) +tests/test-admin-upgrade-endoflife.sh.log: tests/test-admin-upgrade-endoflife.sh + @p='tests/test-admin-upgrade-endoflife.sh'; \ + b='tests/test-admin-upgrade-endoflife.sh'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) tests/test-admin-deploy-syslinux.sh.log: tests/test-admin-deploy-syslinux.sh @p='tests/test-admin-deploy-syslinux.sh'; \ b='tests/test-admin-deploy-syslinux.sh'; \ diff --git a/apidoc/html/index.html b/apidoc/html/index.html index f4d3d764..9f374a47 100644 --- a/apidoc/html/index.html +++ b/apidoc/html/index.html @@ -14,7 +14,7 @@
-

for OSTree 2017.6

+

for OSTree 2017.7

diff --git a/apidoc/html/ostree-Content-addressed-object-store.html b/apidoc/html/ostree-Content-addressed-object-store.html index 31c45644..ede56744 100644 --- a/apidoc/html/ostree-Content-addressed-object-store.html +++ b/apidoc/html/ostree-Content-addressed-object-store.html @@ -41,7 +41,7 @@ -gboolean +gboolean ostree_repo_mode_from_string () @@ -73,7 +73,7 @@ -gboolean +gboolean ostree_repo_open () @@ -89,7 +89,7 @@ -gboolean +gboolean ostree_repo_get_disable_fsync () @@ -97,7 +97,7 @@ -gboolean +gboolean ostree_repo_is_system () @@ -105,7 +105,7 @@ -gboolean +gboolean ostree_repo_is_writable () @@ -113,7 +113,7 @@ -gboolean +gboolean ostree_repo_create () @@ -121,7 +121,7 @@ -GFile * +GFile * ostree_repo_get_path () @@ -137,7 +137,7 @@ -GKeyFile * +GKeyFile * ostree_repo_get_config () @@ -153,7 +153,7 @@ -GKeyFile * +GKeyFile * ostree_repo_copy_config () @@ -161,7 +161,7 @@ -gboolean +gboolean ostree_repo_remote_add () @@ -169,7 +169,7 @@ -gboolean +gboolean ostree_repo_remote_delete () @@ -177,7 +177,7 @@ -gboolean +gboolean ostree_repo_remote_change () @@ -193,7 +193,7 @@ -gboolean +gboolean ostree_repo_remote_get_url () @@ -201,7 +201,7 @@ -gboolean +gboolean ostree_repo_remote_get_gpg_verify () @@ -209,7 +209,7 @@ -gboolean +gboolean ostree_repo_remote_get_gpg_verify_summary () @@ -217,7 +217,7 @@ -gboolean +gboolean ostree_repo_remote_gpg_import () @@ -225,7 +225,7 @@ -gboolean +gboolean ostree_repo_remote_fetch_summary () @@ -233,7 +233,7 @@ -gboolean +gboolean ostree_repo_remote_fetch_summary_with_options () @@ -241,7 +241,7 @@ -gboolean +gboolean ostree_repo_reload_config () @@ -249,7 +249,7 @@ -gboolean +gboolean ostree_repo_get_remote_boolean_option () @@ -257,7 +257,7 @@ -gboolean +gboolean ostree_repo_get_remote_list_option () @@ -265,7 +265,7 @@ -gboolean +gboolean ostree_repo_get_remote_option () @@ -281,7 +281,7 @@ -gboolean +gboolean ostree_repo_write_config () @@ -289,7 +289,7 @@ -gboolean +gboolean ostree_repo_scan_hardlinks () @@ -297,7 +297,7 @@ -gboolean +gboolean ostree_repo_prepare_transaction () @@ -305,7 +305,7 @@ -gboolean +gboolean ostree_repo_commit_transaction () @@ -313,7 +313,7 @@ -gboolean +gboolean ostree_repo_abort_transaction () @@ -337,7 +337,7 @@ -gboolean +gboolean ostree_repo_set_ref_immediate () @@ -345,7 +345,7 @@ -gboolean +gboolean ostree_repo_set_cache_dir () @@ -353,7 +353,7 @@ -gboolean +gboolean ostree_repo_sign_delta () @@ -361,7 +361,7 @@ -gboolean +gboolean ostree_repo_has_object () @@ -369,7 +369,7 @@ -gboolean +gboolean ostree_repo_write_metadata () @@ -385,7 +385,7 @@ -gboolean +gboolean ostree_repo_write_metadata_finish () @@ -393,7 +393,7 @@ -gboolean +gboolean ostree_repo_write_content () @@ -401,7 +401,7 @@ -gboolean +gboolean ostree_repo_write_metadata_trusted () @@ -409,7 +409,7 @@ -gboolean +gboolean ostree_repo_write_metadata_stream_trusted () @@ -417,7 +417,7 @@ -gboolean +gboolean ostree_repo_write_content_trusted () @@ -433,7 +433,7 @@ -gboolean +gboolean ostree_repo_write_content_finish () @@ -441,7 +441,7 @@ -gboolean +gboolean ostree_repo_resolve_rev () @@ -449,7 +449,7 @@ -gboolean +gboolean ostree_repo_resolve_rev_ext () @@ -457,7 +457,7 @@ -gboolean +gboolean ostree_repo_list_refs () @@ -465,7 +465,7 @@ -gboolean +gboolean ostree_repo_list_refs_ext () @@ -473,7 +473,7 @@ -gboolean +gboolean ostree_repo_remote_list_refs () @@ -481,7 +481,7 @@ -gboolean +gboolean ostree_repo_load_variant () @@ -489,7 +489,7 @@ -gboolean +gboolean ostree_repo_load_commit () @@ -497,7 +497,7 @@ -gboolean +gboolean ostree_repo_load_variant_if_exists () @@ -505,7 +505,7 @@ -gboolean +gboolean ostree_repo_load_file () @@ -513,7 +513,7 @@ -gboolean +gboolean ostree_repo_load_object_stream () @@ -521,7 +521,7 @@ -gboolean +gboolean ostree_repo_query_object_storage_size () @@ -529,7 +529,7 @@ -gboolean +gboolean ostree_repo_import_object_from () @@ -537,7 +537,7 @@ -gboolean +gboolean ostree_repo_import_object_from_with_trust () @@ -545,7 +545,7 @@ -gboolean +gboolean ostree_repo_import_archive_to_mtree () @@ -553,7 +553,7 @@ -gboolean +gboolean ostree_repo_export_tree_to_archive () @@ -561,7 +561,7 @@ -gboolean +gboolean ostree_repo_delete_object () @@ -585,7 +585,7 @@ -GVariant * +GVariant * (*OstreeRepoCommitModifierXattrCallback) () @@ -657,7 +657,7 @@ -GType +GType ostree_repo_devino_cache_get_type () @@ -665,7 +665,7 @@ -gboolean +gboolean ostree_repo_write_directory_to_mtree () @@ -673,7 +673,7 @@ -gboolean +gboolean ostree_repo_write_dfd_to_mtree () @@ -681,7 +681,7 @@ -gboolean +gboolean ostree_repo_write_archive_to_mtree () @@ -689,7 +689,7 @@ -gboolean +gboolean ostree_repo_write_mtree () @@ -697,7 +697,7 @@ -gboolean +gboolean ostree_repo_write_commit () @@ -705,7 +705,7 @@ -gboolean +gboolean ostree_repo_write_commit_with_time () @@ -713,7 +713,7 @@ -gboolean +gboolean ostree_repo_read_commit_detached_metadata () @@ -721,7 +721,7 @@ -gboolean +gboolean ostree_repo_write_commit_detached_metadata () @@ -729,7 +729,7 @@ -gboolean +gboolean ostree_repo_checkout_tree () @@ -737,7 +737,7 @@ -gboolean +gboolean ostree_repo_checkout_tree_at () @@ -745,7 +745,7 @@ -gboolean +gboolean ostree_repo_checkout_at () @@ -753,7 +753,7 @@ -gboolean +gboolean ostree_repo_checkout_gc () @@ -761,7 +761,7 @@ -gboolean +gboolean ostree_repo_read_commit () @@ -769,7 +769,7 @@ -gboolean +gboolean ostree_repo_list_objects () @@ -777,7 +777,7 @@ -gboolean +gboolean ostree_repo_list_commit_objects_starting_with () @@ -785,7 +785,7 @@ -gboolean +gboolean ostree_repo_list_static_delta_names () @@ -793,7 +793,7 @@ -gboolean +gboolean ostree_repo_static_delta_generate () @@ -801,7 +801,7 @@ -gboolean +gboolean ostree_repo_static_delta_execute_offline () @@ -809,7 +809,7 @@ -GHashTable * +GHashTable * ostree_repo_traverse_new_reachable () @@ -817,7 +817,7 @@ -gboolean +gboolean ostree_repo_traverse_commit () @@ -825,7 +825,7 @@ -gboolean +gboolean ostree_repo_traverse_commit_union () @@ -865,7 +865,7 @@ -gboolean +gboolean ostree_repo_commit_traverse_iter_init_commit () @@ -873,7 +873,7 @@ -gboolean +gboolean ostree_repo_commit_traverse_iter_init_dirtree () @@ -889,7 +889,7 @@ -gboolean +gboolean ostree_repo_prune () @@ -897,7 +897,7 @@ -gboolean +gboolean ostree_repo_prune_static_deltas () @@ -905,7 +905,7 @@ -gboolean +gboolean ostree_repo_prune_from_reachable () @@ -913,7 +913,7 @@ -gboolean +gboolean ostree_repo_pull () @@ -921,7 +921,7 @@ -gboolean +gboolean ostree_repo_pull_one_dir () @@ -929,7 +929,7 @@ -gboolean +gboolean ostree_repo_pull_with_options () @@ -945,7 +945,7 @@ -gboolean +gboolean ostree_repo_sign_commit () @@ -953,7 +953,7 @@ -gboolean +gboolean ostree_repo_append_gpg_signature () @@ -961,7 +961,7 @@ -gboolean +gboolean ostree_repo_add_gpg_signature_summary () @@ -977,7 +977,7 @@ -gboolean +gboolean ostree_repo_verify_commit () @@ -1009,7 +1009,7 @@ -gboolean +gboolean ostree_repo_regenerate_summary () @@ -1135,16 +1135,16 @@ with

Functions

ostree_repo_mode_from_string ()

-
gboolean
+
gboolean
 ostree_repo_mode_from_string (const char *mode,
                               OstreeRepoMode *out_mode,
-                              GError **error);

+                              GError **error);

ostree_repo_new ()

OstreeRepo *
-ostree_repo_new (GFile *path);
+ostree_repo_new (GFile *path);

Parameters

@@ -1171,8 +1171,8 @@ ostree_repo_new (GFile *pa

ostree_repo_new_for_sysroot_path ()

OstreeRepo *
-ostree_repo_new_for_sysroot_path (GFile *repo_path,
-                                  GFile *sysroot_path);
+ostree_repo_new_for_sysroot_path (GFile *repo_path, + GFile *sysroot_path);

Creates a new OstreeRepo instance, taking the system root path explicitly instead of assuming "/".

@@ -1223,17 +1223,17 @@ Otherwise use the path in the OSTREE_REPO environment variable

ostree_repo_open ()

-
gboolean
+
gboolean
 ostree_repo_open (OstreeRepo *self,
-                  GCancellable *cancellable,
-                  GError **error);

+                  GCancellable *cancellable,
+                  GError **error);

ostree_repo_set_disable_fsync ()

void
 ostree_repo_set_disable_fsync (OstreeRepo *self,
-                               gboolean disable_fsync);
+ gboolean disable_fsync);

Disable requests to fsync() to stable storage during commits. This option should only be used by build system tools which are creating disposable virtual machines, or have higher level mechanisms for @@ -1254,7 +1254,7 @@ ensuring data consistency.

 - + @@ -1264,7 +1264,7 @@ ensuring data consistency.

ostree_repo_get_disable_fsync ()

-
gboolean
+
gboolean
 ostree_repo_get_disable_fsync (OstreeRepo *self);

 
For more information see ostree_repo_set_disable_fsync().

 

@@ -1290,7 +1290,7 @@ ostree_repo_get_disable_fsync (
 

 
ostree_repo_is_system ()

-
gboolean
+
gboolean
 ostree_repo_is_system (OstreeRepo *repo);

 

 
Parameters

@@ -1309,15 +1309,15 @@ ostree_repo_is_system (
 
Returns

-
 TRUE if this repository is the root-owned system global repository

+
 TRUE if this repository is the root-owned system global repository

 

 

 

 

 
ostree_repo_is_writable ()

-
gboolean
+
gboolean
 ostree_repo_is_writable (OstreeRepo *self,
-                         GError **error);

+                         GError **error);

 
Returns whether the repository is writable by the current user.
 If the repository is not writable, the error
  indicates why.

@@ -1337,7 +1337,7 @@ If the repository is not writable, the error<
- + @@ -1345,17 +1345,17 @@ If the repository is not writable, the error<

Returns

-

TRUE if this repository is writable

+

TRUE if this repository is writable

ostree_repo_create ()

-
gboolean
+
gboolean
 ostree_repo_create (OstreeRepo *self,
                     OstreeRepoMode mode,
-                    GCancellable *cancellable,
-                    GError **error);

+                    GCancellable *cancellable,
+                    GError **error);

Create the underlying structure on disk for the repository, and call ostree_repo_open() on the result, preparing it for use.

Since version 2016.8, this function will succeed on an existing @@ -1399,7 +1399,7 @@ do so.

ostree_repo_get_path ()

-
GFile *
+
GFile *
 ostree_repo_get_path (OstreeRepo *self);

 

 
Returns

@@ -1416,7 +1416,7 @@ ostree_repo_get_mode (
 
ostree_repo_get_config ()

-
GKeyFile *
+
GKeyFile *
 ostree_repo_get_config (OstreeRepo *self);

 

 
Returns

@@ -1457,7 +1457,7 @@ repository (to see whether a ref was written).

 

 

 
ostree_repo_copy_config ()

-
GKeyFile *
+
GKeyFile *
 ostree_repo_copy_config (OstreeRepo *self);

 

 
Returns

@@ -1468,24 +1468,24 @@ ostree_repo_copy_config (
 
ostree_repo_remote_add ()

-
gboolean
+
gboolean
 ostree_repo_remote_add (OstreeRepo *self,
                         const char *name,
                         const char *url,
-                        GVariant *options,
-                        GCancellable *cancellable,
-                        GError **error);

+                        GVariant *options,
+                        GCancellable *cancellable,
+                        GError **error);

 
Create a new remote named name
  pointing to url
 .  If options
  is
-provided, then it will be mapped to GKeyFile entries, where the
+provided, then it will be mapped to GKeyFile entries, where the
 GVariant dictionary key is an option string, and the value is
 mapped as follows:

 

 

 
Parameters

@@ -1533,11 +1533,11 @@ mapped as follows:

 

 

 
ostree_repo_remote_delete ()

-
gboolean
+
gboolean
 ostree_repo_remote_delete (OstreeRepo *self,
                            const char *name,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GCancellable *cancellable,
+                           GError **error);

 
Delete the remote named name
 .  It is an error if the provided
 remote does not exist.

@@ -1577,15 +1577,15 @@ remote does not exist.

 

 

 
ostree_repo_remote_change ()

-
gboolean
+
gboolean
 ostree_repo_remote_change (OstreeRepo *self,
-                           GFile *sysroot,
+                           GFile *sysroot,
                            OstreeRepoRemoteChange changeop,
                            const char *name,
                            const char *url,
-                           GVariant *options,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GVariant *options,
+                           GCancellable *cancellable,
+                           GError **error);

 
A combined function handling the equivalent of
 ostree_repo_remote_add(), ostree_repo_remote_delete(), with more
 options.

@@ -1647,9 +1647,9 @@ options.

 
ostree_repo_remote_list ()

 
char **
 ostree_repo_remote_list (OstreeRepo *self,
-                         guint *out_n_remotes);

+                         guint *out_n_remotes);

 
List available remote names in an OstreeRepo.  Remote names are sorted
-alphabetically.  If no remotes are available the function returns NULL.

+alphabetically.  If no remotes are available the function returns NULL.

 

 
Parameters

disable_fsync

If TRUE, do not fsync

If TRUE, do not fsync

  

error

a GError

a GError

  
@@ -1674,7 +1674,7 @@ alphabetically. If no remotes are available the function returns

Returns

-

a NULL-terminated +

a NULL-terminated array of remote names.

[array length=out_n_remotes][transfer full]

@@ -1682,11 +1682,11 @@ array of remote names.

ostree_repo_remote_get_url ()

-
gboolean
+
gboolean
 ostree_repo_remote_get_url (OstreeRepo *self,
                             const char *name,
                             char **out_url,
-                            GError **error);

+                            GError **error);

Return the URL of the remote named name through out_url . It is an @@ -1725,17 +1725,17 @@ error if the provided remote does not exist.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_remote_get_gpg_verify ()

-
gboolean
+
gboolean
 ostree_repo_remote_get_gpg_verify (OstreeRepo *self,
                                    const char *name,
-                                   gboolean *out_gpg_verify,
-                                   GError **error);

+                                   gboolean *out_gpg_verify,
+                                   GError **error);

Return whether GPG verification is enabled for the remote named name through out_gpg_verify @@ -1775,18 +1775,18 @@ not exist.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_remote_get_gpg_verify_summary ()

-
gboolean
+
gboolean
 ostree_repo_remote_get_gpg_verify_summary
                                (OstreeRepo *self,
                                 const char *name,
-                                gboolean *out_gpg_verify_summary,
-                                GError **error);

+                                gboolean *out_gpg_verify_summary,
+                                GError **error);

Return whether GPG verification of the summary is enabled for the remote named name through out_gpg_verify_summary @@ -1826,27 +1826,27 @@ remote does not exist.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_remote_gpg_import ()

-
gboolean
+
gboolean
 ostree_repo_remote_gpg_import (OstreeRepo *self,
                                const char *name,
-                               GInputStream *source_stream,
+                               GInputStream *source_stream,
                                const char * const *key_ids,
-                               guint *out_imported,
-                               GCancellable *cancellable,
-                               GError **error);

+                               guint *out_imported,
+                               GCancellable *cancellable,
+                               GError **error);

Imports one or more GPG keys from the open source_stream , or from the user's personal keyring if source_stream - is NULL. The key_ids + is NULL. The key_ids array can optionally restrict which keys are imported. If key_ids - is NULL, + is NULL, then all keys are imported.

The imported keys will be used to conduct GPG verification when pulling from the remote named name @@ -1872,28 +1872,28 @@ from the remote named name

- + - + +keys, or NULL.

- + - + @@ -1901,19 +1901,19 @@ keys, or NULL.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_remote_fetch_summary ()

-
gboolean
+
gboolean
 ostree_repo_remote_fetch_summary (OstreeRepo *self,
                                   const char *name,
-                                  GBytes **out_summary,
-                                  GBytes **out_signatures,
-                                  GCancellable *cancellable,
-                                  GError **error);

+                                  GBytes **out_summary,
+                                  GBytes **out_signatures,
+                                  GCancellable *cancellable,
+                                  GError **error);

Tries to fetch the summary file and any GPG signatures on the summary file over HTTP, and returns the binary data in out_summary and out_signatures @@ -1925,8 +1925,8 @@ respectively.

. Likewise if the summary file is not signed, out_signatures is set to NULL -. In either case the function still returns TRUE.

-

Parse the summary data into a GVariant using g_variant_new_from_bytes() +. In either case the function still returns TRUE.

+

Parse the summary data into a GVariant using g_variant_new_from_bytes() with OSTREE_SUMMARY_GVARIANT_FORMAT as the format string.

Parameters

@@ -1950,23 +1950,23 @@ with

out_summary

 +NULL.

+signature data, or NULL.

- + - + @@ -1974,21 +1974,21 @@ signature data, or NULL.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_remote_fetch_summary_with_options ()

-
gboolean
+
gboolean
 ostree_repo_remote_fetch_summary_with_options
                                (OstreeRepo *self,
                                 const char *name,
-                                GVariant *options,
-                                GBytes **out_summary,
-                                GBytes **out_signatures,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GVariant *options,
+                                GBytes **out_summary,
+                                GBytes **out_signatures,
+                                GCancellable *cancellable,
+                                GError **error);

Like ostree_repo_remote_fetch_summary(), but supports an extensible set of flags. The following are currently defined:

    @@ -2022,23 +2022,23 @@ The following are currently defined:

 +NULL.

+signature data, or NULL.

- + - + @@ -2046,16 +2046,16 @@ signature data, or NULL.

Returns

-

TRUE on success, FALSE on failure

+

TRUE on success, FALSE on failure

ostree_repo_reload_config ()

-
gboolean
+
gboolean
 ostree_repo_reload_config (OstreeRepo *self,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GCancellable *cancellable,
+                           GError **error);

By default, an OstreeRepo will cache the remote configuration and its own repo/config data. This API can be used to reload it.

@@ -2089,13 +2089,13 @@ own repo/config data. This API can be used to reload it.

ostree_repo_get_remote_boolean_option ()

-
gboolean
+
gboolean
 ostree_repo_get_remote_boolean_option (OstreeRepo *self,
                                        const char *remote_name,
                                        const char *option_name,
-                                       gboolean default_value,
-                                       gboolean *out_value,
-                                       GError **error);

+                                       gboolean default_value,
+                                       gboolean *out_value,
+                                       GError **error);

OSTree remotes are represented by keyfile groups, formatted like: [remote "remotename"]. This function returns a value named option_name @@ -2104,7 +2104,7 @@ If the option is not set, out_value will be set to default_value . If an error is returned, out_value - will be set to FALSE.

+ will be set to FALSE.

Parameters

source_stream

a GInputStream, or NULL.

a GInputStream, or NULL.

[allow-none]

key_ids

a NULL-terminated array of GPG key IDs, or NULL.

a NULL-terminated array of GPG key IDs, or NULL.

[array zero-terminated=1][element-type utf8][allow-none]

out_imported

return location for the number of imported -keys, or NULL.

[allow-none]

cancellable

a GCancellable

a GCancellable

  

error

a GError

a GError

  

return location for raw summary data, or -NULL.

[out][optional]

out_signatures

return location for raw summary -signature data, or NULL.

[out][optional]

cancellable

a GCancellable

a GCancellable

  

error

a GError

a GError

  

out_summary

return location for raw summary data, or -NULL.

[out][optional]

out_signatures

return location for raw summary -signature data, or NULL.

[out][optional]

cancellable

a GCancellable

a GCancellable

  

error

a GError

a GError

  
@@ -2150,26 +2150,26 @@ is not present

Returns

-

TRUE on success, otherwise FALSE with error +

TRUE on success, otherwise FALSE with error set

ostree_repo_get_remote_list_option ()

-
gboolean
+
gboolean
 ostree_repo_get_remote_list_option (OstreeRepo *self,
                                     const char *remote_name,
                                     const char *option_name,
                                     char ***out_value,
-                                    GError **error);

+                                    GError **error);

OSTree remotes are represented by keyfile groups, formatted like: [remote "remotename"]. This function returns a value named option_name underneath that group, and returns it as a zero terminated array of strings. If the option is not set, or if an error is returned, out_value will be set -to NULL.

+to NULL.

Parameters

@@ -2198,7 +2198,7 @@ to NULL.

 +g_strfreev().

@@ -2211,27 +2211,27 @@ of strings. The list should be freed with

Returns

-

TRUE on success, otherwise FALSE with error +

TRUE on success, otherwise FALSE with error set

ostree_repo_get_remote_option ()

-
gboolean
+
gboolean
 ostree_repo_get_remote_option (OstreeRepo *self,
                                const char *remote_name,
                                const char *option_name,
                                const char *default_value,
                                char **out_value,
-                               GError **error);

+                               GError **error);

OSTree remotes are represented by keyfile groups, formatted like: [remote "remotename"]. This function returns a value named option_name underneath that group, or default_value if the remote exists but not the option name. If an error is returned, out_value - will be set to NULL.

+ will be set to NULL.

Parameters

out_value

location to store the list of strings. The list should be freed with -g_strfreev().

[out][array zero-terminated=1]
@@ -2277,7 +2277,7 @@ is not present.

Returns

-

TRUE on success, otherwise FALSE with error +

TRUE on success, otherwise FALSE with error set

@@ -2305,17 +2305,17 @@ called.

Returns

-

Parent repository, or NULL if none.

+

Parent repository, or NULL if none.

[transfer none]

ostree_repo_write_config ()

-
gboolean
+
gboolean
 ostree_repo_write_config (OstreeRepo *self,
-                          GKeyFile *new_config,
-                          GError **error);

+                          GKeyFile *new_config,
+                          GError **error);

Save new_config in place of this repository's config file. Note that new_config @@ -2342,7 +2342,7 @@ simply adds a reference.

 - + @@ -2352,10 +2352,10 @@ simply adds a reference.

ostree_repo_scan_hardlinks ()

-
gboolean
+
gboolean
 ostree_repo_scan_hardlinks (OstreeRepo *self,
-                            GCancellable *cancellable,
-                            GError **error);

+                            GCancellable *cancellable,
+                            GError **error);

When ostree builds a mutable tree from directory like in ostree_repo_write_directory_to_mtree(), it has to scan all files that you pass in and compute their checksums. If your commit contains hardlinks from @@ -2396,11 +2396,11 @@ before you call ostree_write_directory_to_mtree()

ostree_repo_prepare_transaction ()

-
gboolean
+
gboolean
 ostree_repo_prepare_transaction (OstreeRepo *self,
-                                 gboolean *out_transaction_resume,
-                                 GCancellable *cancellable,
-                                 GError **error);

+                                 gboolean *out_transaction_resume,
+                                 GCancellable *cancellable,
+                                 GError **error);

Starts or resumes a transaction. In order to write to a repo, you need to start a transaction. You can complete the transaction with ostree_repo_commit_transaction(), or abort the transaction with @@ -2445,11 +2445,11 @@ pulls use per-commit state/.commitpartial files.

ostree_repo_commit_transaction ()

-
gboolean
+
gboolean
 ostree_repo_commit_transaction (OstreeRepo *self,
                                 OstreeRepoTransactionStats *out_stats,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GCancellable *cancellable,
+                                GError **error);

Complete the transaction. Any refs set with ostree_repo_transaction_set_ref() or ostree_repo_transaction_set_refspec() will be written out.

@@ -2490,10 +2490,10 @@ that happened during this transaction.

ostree_repo_abort_transaction ()

-
gboolean
+
gboolean
 ostree_repo_abort_transaction (OstreeRepo *self,
-                               GCancellable *cancellable,
-                               GError **error);

+                               GCancellable *cancellable,
+                               GError **error);
@@ -2543,13 +2543,13 @@ ostree_repo_transaction_set_ref (const char *ref, const char *checksum);

If checksum - is not NULL, then record it as the target of ref named + is not NULL, then record it as the target of ref named ref ; if remote is provided, the ref will appear to originate from that remote.

Otherwise, if checksum - is NULL, then record that the ref should + is NULL, then record that the ref should be deleted.

The change will not be written out immediately, but when the transaction is completed with ostree_repo_commit_transaction(). If the transaction @@ -2591,13 +2591,13 @@ be made to the repository.

ostree_repo_set_ref_immediate ()

-
gboolean
+
gboolean
 ostree_repo_set_ref_immediate (OstreeRepo *self,
                                const char *remote,
                                const char *ref,
                                const char *checksum,
-                               GCancellable *cancellable,
-                               GError **error);

+                               GCancellable *cancellable,
+                               GError **error);

This is like ostree_repo_transaction_set_ref(), except it may be invoked outside of a transaction. This is presently safe for the case where we're creating or overwriting an existing ref.

@@ -2627,7 +2627,7 @@ case where we're creating or overwriting an existing ref.

 - + @@ -2647,12 +2647,12 @@ case where we're creating or overwriting an existing ref.

ostree_repo_set_cache_dir ()

-
gboolean
+
gboolean
 ostree_repo_set_cache_dir (OstreeRepo *self,
                            int dfd,
                            const char *path,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GCancellable *cancellable,
+                           GError **error);

Set a custom location for the cache directory used for e.g. per-remote summary caches. Setting this manually is useful when doing operations on a system repo as a user because you don't have @@ -2684,12 +2684,12 @@ write permissions in the repo, where the cache is normally stored.

 - + - + @@ -2699,14 +2699,14 @@ write permissions in the repo, where the cache is normally stored.

ostree_repo_sign_delta ()

-
gboolean
+
gboolean
 ostree_repo_sign_delta (OstreeRepo *self,
-                        const gchar *from_commit,
-                        const gchar *to_commit,
-                        const gchar *key_id,
-                        const gchar *homedir,
-                        GCancellable *cancellable,
-                        GError **error);

+                        const gchar *from_commit,
+                        const gchar *to_commit,
+                        const gchar *key_id,
+                        const gchar *homedir,
+                        GCancellable *cancellable,
+                        GError **error);

This function is deprecated, sign the summary file instead. Add a GPG signature to a static delta.

@@ -2760,17 +2760,17 @@ Add a GPG signature to a static delta.

ostree_repo_has_object ()

-
gboolean
+
gboolean
 ostree_repo_has_object (OstreeRepo *self,
                         OstreeObjectType objtype,
                         const char *checksum,
-                        gboolean *out_have_object,
-                        GCancellable *cancellable,
-                        GError **error);

+                        gboolean *out_have_object,
+                        GCancellable *cancellable,
+                        GError **error);

Set out_have_object - to TRUE if self + to TRUE if self contains the given object; -FALSE otherwise.

+FALSE otherwise.

Parameters

error

a GError

a GError

  

checksum

The checksum to point it to, or NULL to unset.

The checksum to point it to, or NULL to unset.

[allow-none]

cancellable

a GCancellable

a GCancellable

  

error

a GError

a GError

  
@@ -2797,7 +2797,7 @@ ostree_repo_has_object (

out_have_object

- + @@ -2815,26 +2815,26 @@ ostree_repo_has_object (

Returns

-

FALSE if an unexpected error occurred, TRUE otherwise

+

FALSE if an unexpected error occurred, TRUE otherwise

ostree_repo_write_metadata ()

-
gboolean
+
gboolean
 ostree_repo_write_metadata (OstreeRepo *self,
                             OstreeObjectType objtype,
                             const char *expected_checksum,
-                            GVariant *object,
-                            guchar **out_csum,
-                            GCancellable *cancellable,
-                            GError **error);

+                            GVariant *object,
+                            guchar **out_csum,
+                            GCancellable *cancellable,
+                            GError **error);

Store the metadata object variant . Return the checksum as out_csum .

If expected_checksum - is not NULL, verify it against the + is not NULL, verify it against the computed checksum.

Parameters

@@ -2891,10 +2891,10 @@ computed checksum.

ostree_repo_write_metadata_async (OstreeRepo *self, OstreeObjectType objtype, const char *expected_checksum, - GVariant *object, - GCancellable *cancellable, - GAsyncReadyCallback callback, - gpointer user_data); + GVariant *object, + GCancellable *cancellable, + GAsyncReadyCallback callback, + gpointer user_data);

Asynchronously store the metadata object variant . If provided, the checksum expected_checksum @@ -2951,23 +2951,23 @@ the checksum expected_checksum

ostree_repo_write_metadata_finish ()

-
gboolean
+
gboolean
 ostree_repo_write_metadata_finish (OstreeRepo *self,
-                                   GAsyncResult *result,
-                                   guchar **out_csum,
-                                   GError **error);

+                                   GAsyncResult *result,
+                                   guchar **out_csum,
+                                   GError **error);

ostree_repo_write_content ()

-
gboolean
+
gboolean
 ostree_repo_write_content (OstreeRepo *self,
                            const char *expected_checksum,
-                           GInputStream *object_input,
-                           guint64 length,
-                           guchar **out_csum,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GInputStream *object_input,
+                           guint64 length,
+                           guchar **out_csum,
+                           GCancellable *cancellable,
+                           GError **error);

Store the content object streamed as object_input , with total length length @@ -3026,13 +3026,13 @@ be returned as out_csum

ostree_repo_write_metadata_trusted ()

-
gboolean
+
gboolean
 ostree_repo_write_metadata_trusted (OstreeRepo *self,
                                     OstreeObjectType objtype,
                                     const char *checksum,
-                                    GVariant *variant,
-                                    GCancellable *cancellable,
-                                    GError **error);

+                                    GVariant *variant,
+                                    GCancellable *cancellable,
+                                    GError **error);

Store the metadata object variant ; the provided checksum is @@ -3083,15 +3083,15 @@ trusted.

ostree_repo_write_metadata_stream_trusted ()

-
gboolean
+
gboolean
 ostree_repo_write_metadata_stream_trusted
                                (OstreeRepo *self,
                                 OstreeObjectType objtype,
                                 const char *checksum,
-                                GInputStream *object_input,
-                                guint64 length,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GInputStream *object_input,
+                                guint64 length,
+                                GCancellable *cancellable,
+                                GError **error);

Store the metadata object variant ; the provided checksum is @@ -3147,13 +3147,13 @@ trusted.

ostree_repo_write_content_trusted ()

-
gboolean
+
gboolean
 ostree_repo_write_content_trusted (OstreeRepo *self,
                                    const char *checksum,
-                                   GInputStream *object_input,
-                                   guint64 length,
-                                   GCancellable *cancellable,
-                                   GError **error);

+                                   GInputStream *object_input,
+                                   guint64 length,
+                                   GCancellable *cancellable,
+                                   GError **error);

Store the content object streamed as object_input , with total length length @@ -3212,11 +3212,11 @@ disk, for example.

void
 ostree_repo_write_content_async (OstreeRepo *self,
                                  const char *expected_checksum,
-                                 GInputStream *object,
-                                 guint64 length,
-                                 GCancellable *cancellable,
-                                 GAsyncReadyCallback callback,
-                                 gpointer user_data);
+ GInputStream *object, + guint64 length, + GCancellable *cancellable, + GAsyncReadyCallback callback, + gpointer user_data);

Asynchronously store the content object object . If provided, the checksum expected_checksum @@ -3274,11 +3274,11 @@ checksum expected_checksum

ostree_repo_write_content_finish ()

-
gboolean
+
gboolean
 ostree_repo_write_content_finish (OstreeRepo *self,
-                                  GAsyncResult *result,
-                                  guchar **out_csum,
-                                  GError **error);

+                                  GAsyncResult *result,
+                                  guchar **out_csum,
+                                  GError **error);

Completes an invocation of ostree_repo_write_content_async().

Parameters

@@ -3296,7 +3296,7 @@ ostree_repo_write_content_finish (
- + @@ -3306,7 +3306,7 @@ ostree_repo_write_content_finish ( - + @@ -3316,12 +3316,12 @@ ostree_repo_write_content_finish (

ostree_repo_resolve_rev ()

-
gboolean
+
gboolean
 ostree_repo_resolve_rev (OstreeRepo *self,
                          const char *refspec,
-                         gboolean allow_noent,
+                         gboolean allow_noent,
                          char **out_rev,
-                         GError **error);

+                         GError **error);

Look up the given refspec, returning the checksum it references in the parameter out_rev . Will fall back on remote directory if cannot @@ -3352,7 +3352,7 @@ find the given refspec in local.

 - @@ -3368,13 +3368,13 @@ is true and it does not exist.

ostree_repo_resolve_rev_ext ()

-
gboolean
+
gboolean
 ostree_repo_resolve_rev_ext (OstreeRepo *self,
                              const char *refspec,
-                             gboolean allow_noent,
+                             gboolean allow_noent,
                              OstreeRepoResolveRevExtFlags flags,
                              char **out_rev,
-                             GError **error);

+                             GError **error);

Look up the given refspec, returning the checksum it references in the parameter out_rev . Differently from ostree_repo_resolve_rev(), @@ -3411,7 +3411,7 @@ local ref is specified but not found.

 - @@ -3427,14 +3427,14 @@ is true and it does not exist.

ostree_repo_list_refs ()

-
gboolean
+
gboolean
 ostree_repo_list_refs (OstreeRepo *self,
                        const char *refspec_prefix,
-                       GHashTable **out_all_refs,
-                       GCancellable *cancellable,
-                       GError **error);

+                       GHashTable **out_all_refs,
+                       GCancellable *cancellable,
+                       GError **error);

If refspec_prefix - is NULL, list all local and remote refspecs, + is NULL, list all local and remote refspecs, with their current values in out_all_refs . Otherwise, only list refspecs which have refspec_prefix @@ -3480,15 +3480,15 @@ refspecs which have refspec_prefix

ostree_repo_list_refs_ext ()

-
gboolean
+
gboolean
 ostree_repo_list_refs_ext (OstreeRepo *self,
                            const char *refspec_prefix,
-                           GHashTable **out_all_refs,
+                           GHashTable **out_all_refs,
                            OstreeRepoListRefsExtFlags flags,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GCancellable *cancellable,
+                           GError **error);

If refspec_prefix - is NULL, list all local and remote refspecs, + is NULL, list all local and remote refspecs, with their current values in out_all_refs . Otherwise, only list refspecs which have refspec_prefix @@ -3541,12 +3541,12 @@ name.

ostree_repo_remote_list_refs ()

-
gboolean
+
gboolean
 ostree_repo_remote_list_refs (OstreeRepo *self,
                               const char *remote_name,
-                              GHashTable **out_all_refs,
-                              GCancellable *cancellable,
-                              GError **error);

+                              GHashTable **out_all_refs,
+                              GCancellable *cancellable,
+                              GError **error);

Parameters

TRUE if repository contains object.

TRUE if repository contains object.

[out]

result

a GAsyncResult

a GAsyncResult

  

error

a GError

a GError

  

out_rev

A checksum,or NULL if allow_noent +

A checksum,or NULL if allow_noent is true and it does not exist.

[out][transfer full]

out_rev

A checksum,or NULL if allow_noent +

A checksum,or NULL if allow_noent is true and it does not exist.

[out][transfer full]
@@ -3588,12 +3588,12 @@ ostree_repo_remote_list_refs (

ostree_repo_load_variant ()

-
gboolean
+
gboolean
 ostree_repo_load_variant (OstreeRepo *self,
                           OstreeObjectType objtype,
                           const char *sha256,
-                          GVariant **out_variant,
-                          GError **error);

+                          GVariant **out_variant,
+                          GError **error);

Load the metadata object sha256 of type objtype , storing the @@ -3640,12 +3640,12 @@ result in out_variant

ostree_repo_load_commit ()

-
gboolean
+
gboolean
 ostree_repo_load_commit (OstreeRepo *self,
                          const char *checksum,
-                         GVariant **out_commit,
+                         GVariant **out_commit,
                          OstreeRepoCommitState *out_state,
-                         GError **error);

+                         GError **error);

A version of ostree_repo_load_variant() specialized to commits, capable of returning extended state information. Currently the only extended state is OSTREE_REPO_COMMIT_STATE_PARTIAL, which @@ -3691,18 +3691,18 @@ means that only a sub-path of the commit is available.

ostree_repo_load_variant_if_exists ()

-
gboolean
+
gboolean
 ostree_repo_load_variant_if_exists (OstreeRepo *self,
                                     OstreeObjectType objtype,
                                     const char *sha256,
-                                    GVariant **out_variant,
-                                    GError **error);

+                                    GVariant **out_variant,
+                                    GError **error);

Attempt to load the metadata object sha256 of type objtype if it exists, storing the result in out_variant . If it doesn't exist, -NULL is returned.

+NULL is returned.

Parameters

@@ -3744,14 +3744,14 @@ exists, storing the result in out_variant

ostree_repo_load_file ()

-
gboolean
+
gboolean
 ostree_repo_load_file (OstreeRepo *self,
                        const char *checksum,
-                       GInputStream **out_input,
-                       GFileInfo **out_file_info,
-                       GVariant **out_xattrs,
-                       GCancellable *cancellable,
-                       GError **error);

+                       GInputStream **out_input,
+                       GFileInfo **out_file_info,
+                       GVariant **out_xattrs,
+                       GCancellable *cancellable,
+                       GError **error);

Load content object, decomposing it into three parts: the actual content (for regular files), the metadata, and extended attributes.

@@ -3776,17 +3776,17 @@ content (for regular files), the metadata, and extended attributes.

 - + - + - + @@ -3805,14 +3805,14 @@ content (for regular files), the metadata, and extended attributes.

ostree_repo_load_object_stream ()

-
gboolean
+
gboolean
 ostree_repo_load_object_stream (OstreeRepo *self,
                                 OstreeObjectType objtype,
                                 const char *checksum,
-                                GInputStream **out_input,
-                                guint64 *out_size,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GInputStream **out_input,
+                                guint64 *out_size,
+                                GCancellable *cancellable,
+                                GError **error);

Load object as a stream; useful when copying objects between repositories.

@@ -3867,13 +3867,13 @@ repositories.

ostree_repo_query_object_storage_size ()

-
gboolean
+
gboolean
 ostree_repo_query_object_storage_size (OstreeRepo *self,
                                        OstreeObjectType objtype,
                                        const char *sha256,
-                                       guint64 *out_size,
-                                       GCancellable *cancellable,
-                                       GError **error);

+                                       guint64 *out_size,
+                                       GCancellable *cancellable,
+                                       GError **error);

Return the size in bytes of object with checksum sha256 , after any compression has been applied.

@@ -3923,13 +3923,13 @@ compression has been applied.

ostree_repo_import_object_from ()

-
gboolean
+
gboolean
 ostree_repo_import_object_from (OstreeRepo *self,
                                 OstreeRepo *source,
                                 OstreeObjectType objtype,
                                 const char *checksum,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GCancellable *cancellable,
+                                GError **error);

Copy object named by objtype and checksum into self @@ -3985,15 +3985,15 @@ hard link operation.

ostree_repo_import_object_from_with_trust ()

-
gboolean
+
gboolean
 ostree_repo_import_object_from_with_trust
                                (OstreeRepo *self,
                                 OstreeRepo *source,
                                 OstreeObjectType objtype,
                                 const char *checksum,
-                                gboolean trusted,
-                                GCancellable *cancellable,
-                                GError **error);

+                                gboolean trusted,
+                                GCancellable *cancellable,
+                                GError **error);

Copy object named by objtype and checksum into self @@ -4034,7 +4034,7 @@ hard link operation.

 - + @@ -4054,14 +4054,14 @@ hard link operation.

ostree_repo_import_archive_to_mtree ()

-
gboolean
+
gboolean
 ostree_repo_import_archive_to_mtree (OstreeRepo *self,
                                      OstreeRepoImportArchiveOptions *opts,
                                      void *archive,
                                      OstreeMutableTree *mtree,
                                      OstreeRepoCommitModifier *modifier,
-                                     GCancellable *cancellable,
-                                     GError **error);

+                                     GCancellable *cancellable,
+                                     GError **error);

Import an archive file archive into the repository, and write its file structure to mtree @@ -4118,13 +4118,13 @@ file structure to mtree

ostree_repo_export_tree_to_archive ()

-
gboolean
+
gboolean
 ostree_repo_export_tree_to_archive (OstreeRepo *self,
                                     OstreeRepoExportArchiveOptions *opts,
                                     OstreeRepoFile *root,
                                     void *archive,
-                                    GCancellable *cancellable,
-                                    GError **error);

+                                    GCancellable *cancellable,
+                                    GError **error);

Import an archive file archive into the repository, and write its file structure to mtree @@ -4176,16 +4176,16 @@ file structure to mtree

ostree_repo_delete_object ()

-
gboolean
+
gboolean
 ostree_repo_delete_object (OstreeRepo *self,
                            OstreeObjectType objtype,
                            const char *sha256,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GCancellable *cancellable,
+                           GError **error);

Remove the object of type objtype with checksum sha256 -from the repository. An error of type G_IO_ERROR_NOT_FOUND +from the repository. An error of type G_IO_ERROR_NOT_FOUND is thrown if the object does not exist.

Parameters

@@ -4231,8 +4231,8 @@ is thrown if the object does not exist.

OstreeRepoCommitFilterResult
 (*OstreeRepoCommitFilter) (OstreeRepo *repo,
                            const char *path,
-                           GFileInfo *file_info,
-                           gpointer user_data);
+ GFileInfo *file_info, + gpointer user_data);

Parameters

out_input

File content.

[out][allow-none][out][optional][nullable]

out_file_info

File information.

[out][allow-none][out][optional][nullable]

out_xattrs

Extended attributes.

[out][allow-none][out][optional][nullable]

cancellable

trusted

If TRUE, assume the source repo is valid and trusted

If TRUE, assume the source repo is valid and trusted

  
@@ -4276,8 +4276,8 @@ is thrown if the object does not exist.

OstreeRepoCommitModifier *
 ostree_repo_commit_modifier_new (OstreeRepoCommitModifierFlags flags,
                                  OstreeRepoCommitFilter commit_filter,
-                                 gpointer user_data,
-                                 GDestroyNotify destroy_notify);
+ gpointer user_data, + GDestroyNotify destroy_notify);

Parameters

@@ -4304,7 +4304,7 @@ ostree_repo_commit_modifier_new ( - + @@ -4319,12 +4319,12 @@ ostree_repo_commit_modifier_new (

OstreeRepoCommitModifierXattrCallback ()

-
GVariant *
+
GVariant *
 (*OstreeRepoCommitModifierXattrCallback)
                                (OstreeRepo *repo,
                                 const char *path,
-                                GFileInfo *file_info,
-                                gpointer user_data);

+                                GFileInfo *file_info,
+                                gpointer user_data);
@@ -4333,8 +4333,8 @@ ostree_repo_commit_modifier_new (OstreeRepoCommitModifier *modifier, OstreeRepoCommitModifierXattrCallback callback, - GDestroyNotify destroy, - gpointer user_data); + GDestroyNotify destroy, + gpointer user_data);

If set, this function should return extended attributes to use for the given path. This is useful for things like ACLs and SELinux, where a build system can label the files as it's committing to the @@ -4381,7 +4381,7 @@ ostree_repo_commit_modifier_set_sepolicy (OstreeRepoCommitModifier *modifier, OstreeSePolicy *sepolicy);

If policy - is non-NULL, use it to look up labels to use for + is non-NULL, use it to look up labels to use for "security.selinux" extended attributes.

Note that any policy specified this way operates in addition to any extended attributes provided via @@ -4495,19 +4495,19 @@ ostree_repo_devino_cache_unref (O

ostree_repo_devino_cache_get_type ()

-
GType
+
GType
 ostree_repo_devino_cache_get_type (void);

ostree_repo_write_directory_to_mtree ()

-
gboolean
+
gboolean
 ostree_repo_write_directory_to_mtree (OstreeRepo *self,
-                                      GFile *dir,
+                                      GFile *dir,
                                       OstreeMutableTree *mtree,
                                       OstreeRepoCommitModifier *modifier,
-                                      GCancellable *cancellable,
-                                      GError **error);

+                                      GCancellable *cancellable,
+                                      GError **error);

Store objects for dir and all children into the repository self , @@ -4559,14 +4559,14 @@ overlaying the resulting filesystem hierarchy into m

ostree_repo_write_dfd_to_mtree ()

-
gboolean
+
gboolean
 ostree_repo_write_dfd_to_mtree (OstreeRepo *self,
                                 int dfd,
                                 const char *path,
                                 OstreeMutableTree *mtree,
                                 OstreeRepoCommitModifier *modifier,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GCancellable *cancellable,
+                                GError **error);

Store as objects all contents of the directory referred to by dfd and path @@ -4625,14 +4625,14 @@ resulting filesystem hierarchy into mtree

ostree_repo_write_archive_to_mtree ()

-
gboolean
+
gboolean
 ostree_repo_write_archive_to_mtree (OstreeRepo *self,
-                                    GFile *archive,
+                                    GFile *archive,
                                     OstreeMutableTree *mtree,
                                     OstreeRepoCommitModifier *modifier,
-                                    gboolean autocreate_parents,
-                                    GCancellable *cancellable,
-                                    GError **error);

+                                    gboolean autocreate_parents,
+                                    GCancellable *cancellable,
+                                    GError **error);

Import an archive file archive into the repository, and write its file structure to mtree @@ -4688,12 +4688,12 @@ file structure to mtree

ostree_repo_write_mtree ()

-
gboolean
+
gboolean
 ostree_repo_write_mtree (OstreeRepo *self,
                          OstreeMutableTree *mtree,
-                         GFile **out_file,
-                         GCancellable *cancellable,
-                         GError **error);

+                         GFile **out_file,
+                         GCancellable *cancellable,
+                         GError **error);

Write all metadata objects for mtree to repo; the resulting out_file @@ -4742,16 +4742,16 @@ the mtree

ostree_repo_write_commit ()

-
gboolean
+
gboolean
 ostree_repo_write_commit (OstreeRepo *self,
                           const char *parent,
                           const char *subject,
                           const char *body,
-                          GVariant *metadata,
+                          GVariant *metadata,
                           OstreeRepoFile *root,
                           char **out_commit,
-                          GCancellable *cancellable,
-                          GError **error);

+                          GCancellable *cancellable,
+                          GError **error);

Write a commit metadata object, referencing root_contents_checksum and root_metadata_checksum @@ -4772,7 +4772,7 @@ and root_metadata_checksum

- + @@ -4787,7 +4787,7 @@ and root_metadata_checksum - + @@ -4817,17 +4817,17 @@ and root_metadata_checksum

ostree_repo_write_commit_with_time ()

-
gboolean
+
gboolean
 ostree_repo_write_commit_with_time (OstreeRepo *self,
                                     const char *parent,
                                     const char *subject,
                                     const char *body,
-                                    GVariant *metadata,
+                                    GVariant *metadata,
                                     OstreeRepoFile *root,
-                                    guint64 time,
+                                    guint64 time,
                                     char **out_commit,
-                                    GCancellable *cancellable,
-                                    GError **error);

+                                    GCancellable *cancellable,
+                                    GError **error);

Write a commit metadata object, referencing root_contents_checksum and root_metadata_checksum @@ -4848,7 +4848,7 @@ and root_metadata_checksum

- + @@ -4863,7 +4863,7 @@ and root_metadata_checksum - + @@ -4898,17 +4898,17 @@ and root_metadata_checksum

ostree_repo_read_commit_detached_metadata ()

-
gboolean
+
gboolean
 ostree_repo_read_commit_detached_metadata
                                (OstreeRepo *self,
                                 const char *checksum,
-                                GVariant **out_metadata,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GVariant **out_metadata,
+                                GCancellable *cancellable,
+                                GError **error);

OSTree commits can have arbitrary metadata associated; this function retrieves them. If none exists, out_metadata will be set -to NULL.

+to NULL.

Parameters

destroy_notify

A GDestroyNotify

A GDestroyNotify

  

parent

ASCII SHA256 checksum for parent, or NULL for none.

ASCII SHA256 checksum for parent, or NULL for none.

[allow-none]

metadata

GVariant of type a{sv}, or NULL for none.

GVariant of type a{sv}, or NULL for none.

[allow-none]

parent

ASCII SHA256 checksum for parent, or NULL for none.

ASCII SHA256 checksum for parent, or NULL for none.

[allow-none]

metadata

GVariant of type a{sv}, or NULL for none.

GVariant of type a{sv}, or NULL for none.

[allow-none]
@@ -4930,7 +4930,7 @@ to NULL.

 - + @@ -4950,18 +4950,18 @@ to NULL.

ostree_repo_write_commit_detached_metadata ()

-
gboolean
+
gboolean
 ostree_repo_write_commit_detached_metadata
                                (OstreeRepo *self,
                                 const char *checksum,
-                                GVariant *metadata,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GVariant *metadata,
+                                GCancellable *cancellable,
+                                GError **error);

Replace any existing metadata associated with commit referred to by checksum with metadata . If metadata - is NULL, then existing + is NULL, then existing data will be deleted.

Parameters

@@ -4984,7 +4984,7 @@ data will be deleted.

 - + @@ -5004,15 +5004,15 @@ data will be deleted.

ostree_repo_checkout_tree ()

-
gboolean
+
gboolean
 ostree_repo_checkout_tree (OstreeRepo *self,
                            OstreeRepoCheckoutMode mode,
                            OstreeRepoCheckoutOverwriteMode overwrite_mode,
-                           GFile *destination,
+                           GFile *destination,
                            OstreeRepoFile *source,
-                           GFileInfo *source_info,
-                           GCancellable *cancellable,
-                           GError **error);

+                           GFileInfo *source_info,
+                           GCancellable *cancellable,
+                           GError **error);

Check out source into destination , which must live on the @@ -5078,14 +5078,14 @@ files are checked out.

ostree_repo_checkout_tree_at ()

-
gboolean
+
gboolean
 ostree_repo_checkout_tree_at (OstreeRepo *self,
                               OstreeRepoCheckoutOptions *options,
                               int destination_dfd,
                               const char *destination_path,
                               const char *commit,
-                              GCancellable *cancellable,
-                              GError **error);

+                              GCancellable *cancellable,
+                              GError **error);

ostree_repo_checkout_tree_at is deprecated and should not be used in newly-written code.

Similar to ostree_repo_checkout_tree(), but uses directory-relative paths for the destination, uses a new OstreeRepoCheckoutAtOptions, @@ -5147,14 +5147,14 @@ cache.

ostree_repo_checkout_at ()

-
gboolean
+
gboolean
 ostree_repo_checkout_at (OstreeRepo *self,
                          OstreeRepoCheckoutAtOptions *options,
                          int destination_dfd,
                          const char *destination_path,
                          const char *commit,
-                         GCancellable *cancellable,
-                         GError **error);

+                         GCancellable *cancellable,
+                         GError **error);

Similar to ostree_repo_checkout_tree(), but uses directory-relative paths for the destination, uses a new OstreeRepoCheckoutAtOptions, and takes a commit checksum and optional subpath pair, rather than @@ -5215,10 +5215,10 @@ cache.

ostree_repo_checkout_gc ()

-
gboolean
+
gboolean
 ostree_repo_checkout_gc (OstreeRepo *self,
-                         GCancellable *cancellable,
-                         GError **error);

+                         GCancellable *cancellable,
+                         GError **error);

Call this after finishing a succession of checkout operations; it will delete any currently-unused uncompressed objects from the cache.

@@ -5253,13 +5253,13 @@ cache.

ostree_repo_read_commit ()

-
gboolean
+
gboolean
 ostree_repo_read_commit (OstreeRepo *self,
                          const char *ref,
-                         GFile **out_root,
+                         GFile **out_root,
                          char **out_commit,
-                         GCancellable *cancellable,
-                         GError **error);

+                         GCancellable *cancellable,
+                         GError **error);

Load the content for rev into out_root .

@@ -5309,18 +5309,18 @@ ostree_repo_read_commit (

ostree_repo_list_objects ()

-
gboolean
+
gboolean
 ostree_repo_list_objects (OstreeRepo *self,
                           OstreeRepoListObjectsFlags flags,
-                          GHashTable **out_objects,
-                          GCancellable *cancellable,
-                          GError **error);

+                          GHashTable **out_objects,
+                          GCancellable *cancellable,
+                          GError **error);

This function synchronously enumerates all objects in the repository, returning data in out_objects . out_objects maps from keys returned by ostree_object_name_serialize() -to GVariant values of type OSTREE_REPO_LIST_OBJECTS_VARIANT_TYPE.

+to GVariant values of type OSTREE_REPO_LIST_OBJECTS_VARIANT_TYPE.

Parameters

out_metadata

Metadata associated with commit in with format "a{sv}", or NULL if none exists.

Metadata associated with commit in with format "a{sv}", or NULL if none exists.

[out][transfer full]

metadata

Metadata to associate with commit in with format "a{sv}", or NULL to delete.

Metadata to associate with commit in with format "a{sv}", or NULL to delete.

[allow-none]
@@ -5360,20 +5360,20 @@ to GVariant values of type

Returns

-

TRUE on success, FALSE on error, and error +

TRUE on success, FALSE on error, and error will be set

ostree_repo_list_commit_objects_starting_with ()

-
gboolean
+
gboolean
 ostree_repo_list_commit_objects_starting_with
                                (OstreeRepo *self,
                                 const char *start,
-                                GHashTable **out_commits,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GHashTable **out_commits,
+                                GCancellable *cancellable,
+                                GError **error);

This function synchronously enumerates all commit objects starting with start , returning data in out_commits @@ -5417,18 +5417,18 @@ with start

Returns

-

TRUE on success, FALSE on error, and error +

TRUE on success, FALSE on error, and error will be set

ostree_repo_list_static_delta_names ()

-
gboolean
+
gboolean
 ostree_repo_list_static_delta_names (OstreeRepo *self,
-                                     GPtrArray **out_deltas,
-                                     GCancellable *cancellable,
-                                     GError **error);

+                                     GPtrArray **out_deltas,
+                                     GCancellable *cancellable,
+                                     GError **error);

This function synchronously enumerates all static deltas in the repository, returning its result in out_deltas .

@@ -5468,17 +5468,17 @@ repository, returning its result in out_deltas

ostree_repo_static_delta_generate ()

-
gboolean
+
gboolean
 ostree_repo_static_delta_generate (OstreeRepo *self,
                                    OstreeStaticDeltaGenerateOpt opt,
                                    const char *from,
                                    const char *to,
-                                   GVariant *metadata,
-                                   GVariant *params,
-                                   GCancellable *cancellable,
-                                   GError **error);

+                                   GVariant *metadata,
+                                   GVariant *params,
+                                   GCancellable *cancellable,
+                                   GError **error);

Generate a lookaside "static delta" from from - (NULL means + (NULL means from-empty) which can generate the objects in to . This delta is an optimization over fetching individual objects, and can be @@ -5519,7 +5519,7 @@ for input files

 - + @@ -5554,13 +5554,13 @@ for input files

ostree_repo_static_delta_execute_offline ()

-
gboolean
+
gboolean
 ostree_repo_static_delta_execute_offline
                                (OstreeRepo *self,
-                                GFile *dir_or_file,
-                                gboolean skip_validation,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GFile *dir_or_file,
+                                gboolean skip_validation,
+                                GCancellable *cancellable,
+                                GError **error);

Given a directory representing an already-downloaded static delta on disk, apply it, generating a new commit. The directory must be named with the form "FROM-TO", where both are checksums, and it @@ -5586,7 +5586,7 @@ must contain a file named "superblock", along with at least one part.

 - + @@ -5606,9 +5606,9 @@ must contain a file named "superblock", along with at least one part.

ostree_repo_traverse_new_reachable ()

-
GHashTable *
+
GHashTable *
 ostree_repo_traverse_new_reachable (void);

-
This hash table is a set of GVariant which can be accessed via
+
This hash table is a set of GVariant which can be accessed via
 ostree_object_name_deserialize().

 

 
Returns

@@ -5619,13 +5619,13 @@ ostree_repo_traverse_new_reachable (
 
ostree_repo_traverse_commit ()

-
gboolean
+
gboolean
 ostree_repo_traverse_commit (OstreeRepo *repo,
                              const char *commit_checksum,
                              int maxdepth,
-                             GHashTable **out_reachable,
-                             GCancellable *cancellable,
-                             GError **error);

+                             GHashTable **out_reachable,
+                             GCancellable *cancellable,
+                             GError **error);

 
Create a new set out_reachable
  containing all objects reachable
 from commit_checksum
@@ -5677,13 +5677,13 @@ from commit_checksum
 

 

 
ostree_repo_traverse_commit_union ()

-
gboolean
+
gboolean
 ostree_repo_traverse_commit_union (OstreeRepo *repo,
                                    const char *commit_checksum,
                                    int maxdepth,
-                                   GHashTable *inout_reachable,
-                                   GCancellable *cancellable,
-                                   GError **error);

+                                   GHashTable *inout_reachable,
+                                   GCancellable *cancellable,
+                                   GError **error);

 
Update the set inout_reachable
  containing all objects reachable
 from commit_checksum
@@ -5834,13 +5834,13 @@ called if 
 
ostree_repo_commit_traverse_iter_init_commit ()

-
gboolean
+
gboolean
 ostree_repo_commit_traverse_iter_init_commit
                                (OstreeRepoCommitTraverseIter *iter,
                                 OstreeRepo *repo,
-                                GVariant *commit,
+                                GVariant *commit,
                                 OstreeRepoCommitTraverseFlags flags,
-                                GError **error);

+                                GError **error);

 
Initialize (in place) an iterator over the root of a commit object.

 

 
Parameters

@@ -5883,13 +5883,13 @@ ostree_repo_commit_traverse_iter_init_commit
 

 

 
ostree_repo_commit_traverse_iter_init_dirtree ()

-
gboolean
+
gboolean
 ostree_repo_commit_traverse_iter_init_dirtree
                                (OstreeRepoCommitTraverseIter *iter,
                                 OstreeRepo *repo,
-                                GVariant *dirtree,
+                                GVariant *dirtree,
                                 OstreeRepoCommitTraverseFlags flags,
-                                GError **error);

+                                GError **error);

 
Initialize (in place) an iterator over a directory tree.

 

 
Parameters

@@ -5934,8 +5934,8 @@ ostree_repo_commit_traverse_iter_init_dirtree
 
ostree_repo_commit_traverse_iter_next ()

 
OstreeRepoCommitIterResult
 ostree_repo_commit_traverse_iter_next (OstreeRepoCommitTraverseIter *iter,
-                                       GCancellable *cancellable,
-                                       GError **error);

+                                       GCancellable *cancellable,
+                                       GError **error);

Step the interator to the next item. Files will be returned first, then subdirectories. Call this in a loop; upon encountering OSTREE_REPO_COMMIT_ITER_RESULT_END, there will be no more files or @@ -5979,15 +5979,15 @@ program error to call any further API on iter

ostree_repo_prune ()

-
gboolean
+
gboolean
 ostree_repo_prune (OstreeRepo *self,
                    OstreeRepoPruneFlags flags,
-                   gint depth,
-                   gint *out_objects_total,
-                   gint *out_objects_pruned,
-                   guint64 *out_pruned_object_size_total,
-                   GCancellable *cancellable,
-                   GError **error);

+                   gint depth,
+                   gint *out_objects_total,
+                   gint *out_objects_pruned,
+                   guint64 *out_pruned_object_size_total,
+                   GCancellable *cancellable,
+                   GError **error);

Delete content from the repository. By default, this function will only delete "orphaned" objects not referred to by any commit. This can happen during a local commit operation, when we have written @@ -6056,11 +6056,11 @@ deleting them.

ostree_repo_prune_static_deltas ()

-
gboolean
+
gboolean
 ostree_repo_prune_static_deltas (OstreeRepo *self,
                                  const char *commit,
-                                 GCancellable *cancellable,
-                                 GError **error);

+                                 GCancellable *cancellable,
+                                 GError **error);

Prune static deltas, if COMMIT is specified then delete static delta files only targeting that commit; otherwise any static delta of non existing commits are deleted.

@@ -6080,7 +6080,7 @@ deleted.

 - @@ -6101,14 +6101,14 @@ non existing commit.

ostree_repo_prune_from_reachable ()

-
gboolean
+
gboolean
 ostree_repo_prune_from_reachable (OstreeRepo *self,
                                   OstreeRepoPruneOptions *options,
-                                  gint *out_objects_total,
-                                  gint *out_objects_pruned,
-                                  guint64 *out_pruned_object_size_total,
-                                  GCancellable *cancellable,
-                                  GError **error);

+                                  gint *out_objects_total,
+                                  gint *out_objects_pruned,
+                                  guint64 *out_pruned_object_size_total,
+                                  GCancellable *cancellable,
+                                  GError **error);

Delete content from the repository. This function is the "backend" half of the higher level ostree_repo_prune(). To use this function, you determine the root set yourself, and this function finds all other @@ -6169,14 +6169,14 @@ statistics on objects that would be deleted, without actually deleting them.

ostree_repo_pull ()

-
gboolean
+
gboolean
 ostree_repo_pull (OstreeRepo *self,
                   const char *remote_name,
                   char **refs_to_fetch,
                   OstreeRepoPullFlags flags,
                   OstreeAsyncProgress *progress,
-                  GCancellable *cancellable,
-                  GError **error);

+                  GCancellable *cancellable,
+                  GError **error);

Connect to the remote repository, fetching the specified set of refs refs_to_fetch . For each ref that is changed, download the @@ -6186,7 +6186,7 @@ on disk in self

If flags contains OSTREE_REPO_PULL_FLAGS_MIRROR, and the refs_to_fetch - is NULL, and the remote repository contains a + is NULL, and the remote repository contains a summary file, then all refs will be fetched.

If flags contains OSTREE_REPO_PULL_FLAGS_COMMIT_ONLY, then only the @@ -6194,7 +6194,7 @@ metadata for the commits in refs_to_fetch

Warning: This API will iterate the thread default main context, which is a bug, but kept for compatibility reasons. If you want to -avoid this, use g_main_context_push_thread_default() to push a new +avoid this, use g_main_context_push_thread_default() to push a new one around this call.

Parameters

@@ -6217,7 +6217,7 @@ one around this call.

 - + @@ -6247,15 +6247,15 @@ one around this call.

ostree_repo_pull_one_dir ()

-
gboolean
+
gboolean
 ostree_repo_pull_one_dir (OstreeRepo *self,
                           const char *remote_name,
                           const char *dir_to_pull,
                           char **refs_to_fetch,
                           OstreeRepoPullFlags flags,
                           OstreeAsyncProgress *progress,
-                          GCancellable *cancellable,
-                          GError **error);

+                          GCancellable *cancellable,
+                          GError **error);

This is similar to ostree_repo_pull(), but only fetches a single subpath.

@@ -6284,7 +6284,7 @@ subpath.

 - + @@ -6314,13 +6314,13 @@ subpath.

ostree_repo_pull_with_options ()

-
gboolean
+
gboolean
 ostree_repo_pull_with_options (OstreeRepo *self,
                                const char *remote_name_or_baseurl,
-                               GVariant *options,
+                               GVariant *options,
                                OstreeAsyncProgress *progress,
-                               GCancellable *cancellable,
-                               GError **error);

+                               GCancellable *cancellable,
+                               GError **error);

Like ostree_repo_pull(), but supports an extensible set of flags. The following are currently defined:

    @@ -6337,7 +6337,7 @@ The following are currently defined:

  • override-commit-ids (as): Array of specific commit IDs to fetch for refs

  • dry-run (b): Only print information on what will be downloaded (requires static deltas)

  • override-url (s): Fetch objects from this URL if remote specifies no metalink in options

    • -

  • inherit-transaction (b): Don't initiate, finish or abort a transaction, usefult to do multiple pulls in one transaction.

    • +

  • inherit-transaction (b): Don't initiate, finish or abort a transaction, useful to do multiple pulls in one transaction.

  • http-headers (a(ss)): Additional headers to add to all HTTP requests

  • update-frequency (u): Frequency to call the async progress callback in milliseconds, if any; only values higher than 0 are valid

@@ -6390,7 +6390,7 @@ The following are currently defined:

void
 ostree_repo_pull_default_console_progress_changed
                                (OstreeAsyncProgress *progress,
-                                gpointer user_data);
+ gpointer user_data);

Convenient "changed" callback for use with ostree_async_progress_new_and_connect() when pulling from a remote repository.

@@ -6429,13 +6429,13 @@ and user_data

ostree_repo_sign_commit ()

-
gboolean
+
gboolean
 ostree_repo_sign_commit (OstreeRepo *self,
-                         const gchar *commit_checksum,
-                         const gchar *key_id,
-                         const gchar *homedir,
-                         GCancellable *cancellable,
-                         GError **error);

+                         const gchar *commit_checksum,
+                         const gchar *key_id,
+                         const gchar *homedir,
+                         GCancellable *cancellable,
+                         GError **error);

Add a GPG signature to a commit.

Parameters

@@ -6463,17 +6463,17 @@ ostree_repo_sign_commit (

homedir

-
 + - + - + @@ -6483,12 +6483,12 @@ ostree_repo_sign_commit (

ostree_repo_append_gpg_signature ()

-
gboolean
+
gboolean
 ostree_repo_append_gpg_signature (OstreeRepo *self,
-                                  const gchar *commit_checksum,
-                                  GBytes *signature_bytes,
-                                  GCancellable *cancellable,
-                                  GError **error);

+                                  const gchar *commit_checksum,
+                                  GBytes *signature_bytes,
+                                  GCancellable *cancellable,
+                                  GError **error);

Append a GPG signature to a commit.

Parameters

@@ -6516,12 +6516,12 @@ ostree_repo_append_gpg_signature (
- + - + @@ -6531,12 +6531,12 @@ ostree_repo_append_gpg_signature (

ostree_repo_add_gpg_signature_summary ()

-
gboolean
+
gboolean
 ostree_repo_add_gpg_signature_summary (OstreeRepo *self,
-                                       const gchar **key_id,
-                                       const gchar *homedir,
-                                       GCancellable *cancellable,
-                                       GError **error);

+                                       const gchar **key_id,
+                                       const gchar *homedir,
+                                       GCancellable *cancellable,
+                                       GError **error);

Add a GPG signature to a static delta.

Parameters

@@ -6559,17 +6559,17 @@ ostree_repo_add_gpg_signature_summary (

homedir

-
 + - + - + @@ -6581,20 +6581,20 @@ ostree_repo_add_gpg_signature_summary (

ostree_repo_gpg_verify_data ()

OstreeGpgVerifyResult *
 ostree_repo_gpg_verify_data (OstreeRepo *self,
-                             const gchar *remote_name,
-                             GBytes *data,
-                             GBytes *signatures,
-                             GFile *keyringdir,
-                             GFile *extra_keyring,
-                             GCancellable *cancellable,
-                             GError **error);
+ const gchar *remote_name, + GBytes *data, + GBytes *signatures, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error);

Verify signatures for data using GPG keys in the keyring for remote_name , and return an OstreeGpgVerifyResult.

The remote_name - parameter can be NULL. In that case it will do + parameter can be NULL. In that case it will do the verifications using GPG keys in the keyrings of all remotes.

Parameters

@@ -6617,12 +6617,12 @@ the verifications using GPG keys in the keyrings of all remotes.

 - + - + @@ -6650,20 +6650,20 @@ the verifications using GPG keys in the keyrings of all remotes.

Returns

-

an OstreeGpgVerifyResult, or NULL on error.

+

an OstreeGpgVerifyResult, or NULL on error.

[transfer full]

ostree_repo_verify_commit ()

-
gboolean
+
gboolean
 ostree_repo_verify_commit (OstreeRepo *self,
-                           const gchar *commit_checksum,
-                           GFile *keyringdir,
-                           GFile *extra_keyring,
-                           GCancellable *cancellable,
-                           GError **error);

+                           const gchar *commit_checksum,
+                           GFile *keyringdir,
+                           GFile *extra_keyring,
+                           GCancellable *cancellable,
+                           GError **error);

Check for a valid GPG signature on commit named by the ASCII checksum commit_checksum .

@@ -6711,7 +6711,7 @@ checksum commit_checksum

Returns

-

TRUE if there was a GPG signature from a trusted keyring, otherwise FALSE

+

TRUE if there was a GPG signature from a trusted keyring, otherwise FALSE

@@ -6719,11 +6719,11 @@ checksum commit_checksum

ostree_repo_verify_commit_ext ()

OstreeGpgVerifyResult *
 ostree_repo_verify_commit_ext (OstreeRepo *self,
-                               const gchar *commit_checksum,
-                               GFile *keyringdir,
-                               GFile *extra_keyring,
-                               GCancellable *cancellable,
-                               GError **error);
+ const gchar *commit_checksum, + GFile *keyringdir, + GFile *extra_keyring, + GCancellable *cancellable, + GError **error);

Read GPG signature(s) on the commit named by the ASCII checksum commit_checksum and return detailed results.

@@ -6771,7 +6771,7 @@ ostree_repo_verify_commit_ext (

Returns

-

an OstreeGpgVerifyResult, or NULL on error.

+

an OstreeGpgVerifyResult, or NULL on error.

[transfer full]

@@ -6780,10 +6780,10 @@ ostree_repo_verify_commit_ext (

ostree_repo_verify_commit_for_remote ()

OstreeGpgVerifyResult *
 ostree_repo_verify_commit_for_remote (OstreeRepo *self,
-                                      const gchar *commit_checksum,
-                                      const gchar *remote_name,
-                                      GCancellable *cancellable,
-                                      GError **error);
+ const gchar *commit_checksum, + const gchar *remote_name, + GCancellable *cancellable, + GError **error);

Read GPG signature(s) on the commit named by the ASCII checksum commit_checksum and return detailed results, based on the keyring @@ -6828,7 +6828,7 @@ configured for remote

Returns

-

an OstreeGpgVerifyResult, or NULL on error.

+

an OstreeGpgVerifyResult, or NULL on error.

[transfer full]

@@ -6838,10 +6838,10 @@ configured for remote 
OstreeGpgVerifyResult *
 ostree_repo_verify_summary (OstreeRepo *self,
                             const char *remote_name,
-                            GBytes *summary,
-                            GBytes *signatures,
-                            GCancellable *cancellable,
-                            GError **error);
+ GBytes *summary, + GBytes *signatures, + GCancellable *cancellable, + GError **error);

Verify signatures for summary data using GPG keys in the keyring for @@ -6868,12 +6868,12 @@ ostree_repo_verify_summary (

summary

- + - + @@ -6891,18 +6891,18 @@ ostree_repo_verify_summary (

Returns

-

an OstreeGpgVerifyResult, or NULL on error.

+

an OstreeGpgVerifyResult, or NULL on error.

[transfer full]

ostree_repo_regenerate_summary ()

-
gboolean
+
gboolean
 ostree_repo_regenerate_summary (OstreeRepo *self,
-                                GVariant *additional_metadata,
-                                GCancellable *cancellable,
-                                GError **error);

+                                GVariant *additional_metadata,
+                                GCancellable *cancellable,
+                                GError **error);

An OSTree repository can contain a high level "summary" file that describes the available branches and other metadata.

If the timetable for making commits and updating the summary file is fairly @@ -6927,7 +6927,7 @@ will aid clients in working out when to check for updates.

 - + @@ -7071,52 +7071,52 @@ interesting for reporting purposes.

 - + - + - + - + - + - + - + - + - + @@ -7389,7 +7389,7 @@ in bytes, counting only content objects.

OSTREE_REPO_LIST_OBJECTS_VARIANT_TYPE

#define OSTREE_REPO_LIST_OBJECTS_VARIANT_TYPE (G_VARIANT_TYPE ("(bas)")
-

b - TRUE if object is available "loose" +

b - TRUE if object is available "loose" as - List of pack file checksums in which this object appears

@@ -7555,6 +7555,13 @@ as - List of pack file checksums in which this object appears

 + + + + +

from

ASCII SHA256 checksum of origin, or NULL

ASCII SHA256 checksum of origin, or NULL

  

skip_validation

If TRUE, assume data integrity

If TRUE, assume data integrity

  

commit

ASCII SHA256 checksum for commit, or NULL for each +

ASCII SHA256 checksum for commit, or NULL for each non existing commit.

[allow-none]

refs_to_fetch

Optional list of refs; if NULL, fetch all configured refs.

Optional list of refs; if NULL, fetch all configured refs.

[array zero-terminated=1][element-type utf8][allow-none]

refs_to_fetch

Optional list of refs; if NULL, fetch all configured refs.

Optional list of refs; if NULL, fetch all configured refs.

[array zero-terminated=1][element-type utf8][allow-none]

GPG home directory, or NULL.

GPG home directory, or NULL.

[allow-none]

cancellable

A GCancellable

A GCancellable

  

error

a GError

a GError

  

cancellable

A GCancellable

A GCancellable

  

error

a GError

a GError

  

GPG home directory, or NULL.

GPG home directory, or NULL.

[allow-none]

cancellable

A GCancellable

A GCancellable

  

error

a GError

a GError

  

data

Data as a GBytes

Data as a GBytes

  

signatures

Signatures as a GBytes

Signatures as a GBytes

  

Summary data as a GBytes

Summary data as a GBytes

  

signatures

Summary signatures as a GBytes

Summary signatures as a GBytes

  

additional_metadata

A GVariant of type a{sv}, or NULL.

A GVariant of type a{sv}, or NULL.

[allow-none]

guint metadata_objects_total;

guint metadata_objects_total;

The total number of metadata objects in the repository after this transaction has completed.

  

guint metadata_objects_written;

guint metadata_objects_written;

The number of metadata objects that were written to the repository in this transaction.

  

guint content_objects_total;

guint content_objects_total;

The total number of content objects in the repository after this transaction has completed.

  

guint content_objects_written;

guint content_objects_written;

The number of content objects that were written to the repository in this transaction.

  

guint64 content_bytes_written;

guint64 content_bytes_written;

The amount of data added to the repository, in bytes, counting only content objects.

  

guint64 padding1;

guint64 padding1;

reserved

  

guint64 padding2;

guint64 padding2;

reserved

  

guint64 padding3;

guint64 padding3;

reserved

  

guint64 padding4;

guint64 padding4;

reserved

  
 

OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES

 +

Since 2017.7. Reject writes of content objects with modes outside of 0775.

+		 
diff --git a/apidoc/html/ostree-Core-repository-independent-functions.html b/apidoc/html/ostree-Core-repository-independent-functions.html index 8bf4efcf..6fbf6eeb 100644 --- a/apidoc/html/ostree-Core-repository-independent-functions.html +++ b/apidoc/html/ostree-Core-repository-independent-functions.html @@ -46,7 +46,7 @@ -const GVariantType * +const GVariantType * ostree_metadata_variant_type () @@ -54,7 +54,7 @@ -gboolean +gboolean ostree_validate_checksum_string () @@ -62,7 +62,7 @@ -guchar * +guchar * ostree_checksum_to_bytes () @@ -70,7 +70,7 @@ -GVariant * +GVariant * ostree_checksum_to_bytes_v () @@ -109,14 +109,14 @@ -const guchar * +const guchar * ostree_checksum_bytes_peek () -const guchar * +const guchar * ostree_checksum_bytes_peek_validate () @@ -132,7 +132,7 @@ -guchar * +guchar * ostree_checksum_b64_to_bytes () @@ -164,7 +164,7 @@ -gboolean +gboolean ostree_validate_rev () @@ -172,7 +172,7 @@ -gboolean +gboolean ostree_parse_refspec () @@ -195,7 +195,7 @@ -guint +guint ostree_hash_object_name () @@ -203,7 +203,7 @@ -GVariant * +GVariant * ostree_object_name_serialize () @@ -235,7 +235,7 @@ -gboolean +gboolean ostree_content_stream_parse () @@ -243,7 +243,7 @@ -gboolean +gboolean ostree_content_file_parse () @@ -251,7 +251,7 @@ -gboolean +gboolean ostree_content_file_parse_at () @@ -259,7 +259,7 @@ -gboolean +gboolean ostree_raw_file_to_archive_z2_stream () @@ -267,7 +267,7 @@ -gboolean +gboolean ostree_raw_file_to_archive_z2_stream_with_options () @@ -275,7 +275,7 @@ -gboolean +gboolean ostree_raw_file_to_content_stream () @@ -283,7 +283,7 @@ -gboolean +gboolean ostree_checksum_file_from_input () @@ -291,7 +291,7 @@ -gboolean +gboolean ostree_checksum_file () @@ -307,7 +307,7 @@ -gboolean +gboolean ostree_checksum_file_async_finish () @@ -315,7 +315,7 @@ -GVariant * +GVariant * ostree_create_directory_metadata () @@ -323,7 +323,7 @@ -gboolean +gboolean ostree_validate_structureof_objtype () @@ -331,7 +331,7 @@ -gboolean +gboolean ostree_validate_structureof_csum_v () @@ -339,7 +339,7 @@ -gboolean +gboolean ostree_validate_structureof_checksum_string () @@ -347,7 +347,7 @@ -gboolean +gboolean ostree_validate_structureof_file_mode () @@ -355,7 +355,7 @@ -gboolean +gboolean ostree_validate_structureof_commit () @@ -363,7 +363,7 @@ -gboolean +gboolean ostree_validate_structureof_dirtree () @@ -371,7 +371,7 @@ -gboolean +gboolean ostree_validate_structureof_dirmeta () @@ -379,7 +379,7 @@ -gchar * +gchar * ostree_commit_get_parent () @@ -387,7 +387,7 @@ -guint64 +guint64 ostree_commit_get_timestamp () @@ -395,7 +395,7 @@ -gboolean +gboolean ostree_check_version () @@ -421,10 +421,6 @@ OSTREE_MAX_METADATA_WARN_SIZE -#define -OSTREE_MAX_RECURSION - - enum OstreeObjectType @@ -479,11 +475,11 @@

Description

These functions implement repository-independent algorithms for operating on the core OSTree data formats, such as converting -GFileInfo into a GVariant.

+GFileInfo into a GVariant.

There are 4 types of objects; file, dirmeta, tree, and commit. The last 3 are metadata, and the file object is the only content object type.

-

All metadata objects are stored as GVariant (big endian). The +

All metadata objects are stored as GVariant (big endian). The rationale for this is the same as that of the ext{2,3,4} family of filesystems; most developers will be using LE, and so it's better to continually test the BE->LE swap.

@@ -512,21 +508,21 @@ to continually test the BE->LE swap.

Returns

-

TRUE if object type is metadata

+

TRUE if object type is metadata

ostree_metadata_variant_type ()

-
const GVariantType *
+
const GVariantType *
 ostree_metadata_variant_type (OstreeObjectType objtype);

ostree_validate_checksum_string ()

-
gboolean
+
gboolean
 ostree_validate_checksum_string (const char *sha256,
-                                 GError **error);

+                                 GError **error);

Use this function to see if input strings are checksums.

Parameters

@@ -552,14 +548,14 @@ ostree_validate_checksum_string (const

Returns

-

TRUE if sha256 -is a valid checksum string, FALSE otherwise

+

TRUE if sha256 +is a valid checksum string, FALSE otherwise

ostree_checksum_to_bytes ()

-
guchar *
+
guchar *
 ostree_checksum_to_bytes (const char *checksum);

 

 
Parameters

@@ -579,14 +575,14 @@ ostree_checksum_to_bytes (const c
 

 
Returns

 
 Binary checksum from checksum
-of length 32; free with g_free(). 

+of length 32; free with g_free(). 

 
[transfer full][array fixed-size=32]

 

 

 

 

 
ostree_checksum_to_bytes_v ()

-
GVariant *
+
GVariant *
 ostree_checksum_to_bytes_v (const char *checksum);

 

 
Parameters

@@ -605,7 +601,7 @@ ostree_checksum_to_bytes_v (const 
 

 
Returns

-
 New GVariant of type ay with length 32. 

+
 New GVariant of type ay with length 32. 

 
[transfer full]

 

 

@@ -613,7 +609,7 @@ ostree_checksum_to_bytes_v (const 
 
ostree_checksum_from_bytes ()

 
char *
-ostree_checksum_from_bytes (const guchar *csum);

+ostree_checksum_from_bytes (const guchar *csum);

 

 
Parameters

 

@@ -640,7 +636,7 @@ ostree_checksum_from_bytes (const 
 
ostree_checksum_from_bytes_v ()

 
char *
-ostree_checksum_from_bytes_v (GVariant *csum_v);

+ostree_checksum_from_bytes_v (GVariant *csum_v);
 

 
Parameters

 

@@ -651,7 +647,7 @@ ostree_checksum_from_bytes_v (GVa
 
 
-
+

 
csum_v
GVariant of type ay
GVariant of type ay

  
 

 

@@ -667,7 +663,7 @@ ostree_checksum_from_bytes_v (GVa
 

 
ostree_checksum_inplace_from_bytes ()

 
void
-ostree_checksum_inplace_from_bytes (const guchar *csum,
+ostree_checksum_inplace_from_bytes (const guchar *csum,
                                     char *buf);

 
Overwrite the contents of buf
  with stringified version of csum
@@ -701,7 +697,7 @@ ostree_checksum_inplace_from_bytes (const 
ostree_checksum_inplace_to_bytes ()

 
void
 ostree_checksum_inplace_to_bytes (const char *checksum,
-                                  guchar *buf);

+                                  guchar *buf);

Convert checksum from a string to binary in-place, without allocating memory. Use this function in hot code paths.

@@ -731,8 +727,8 @@ allocating memory. Use this function in hot code paths.

ostree_checksum_bytes_peek ()

-
const guchar *
-ostree_checksum_bytes_peek (GVariant *bytes);
+
const guchar *
+ostree_checksum_bytes_peek (GVariant *bytes);

Parameters

@@ -743,7 +739,7 @@ ostree_checksum_bytes_peek (GVari - +

bytes

GVariant of type ay

GVariant of type ay

  
@@ -752,16 +748,16 @@ ostree_checksum_bytes_peek (GVari

Returns

Binary checksum data in bytes ; do not free. If bytes -does not have the correct length, return NULL.

+does not have the correct length, return NULL.

[transfer none][array fixed-size=32][element-type guint8]

ostree_checksum_bytes_peek_validate ()

-
const guchar *
-ostree_checksum_bytes_peek_validate (GVariant *bytes,
-                                     GError **error);
+
const guchar *
+ostree_checksum_bytes_peek_validate (GVariant *bytes,
+                                     GError **error);

Like ostree_checksum_bytes_peek(), but also throws error .

@@ -775,7 +771,7 @@ ostree_checksum_bytes_peek_validate (

bytes

-

GVariant of type ay

+

GVariant of type ay

  @@ -796,7 +792,7 @@ ostree_checksum_bytes_peek_validate (

ostree_checksum_b64_from_bytes ()

char *
-ostree_checksum_b64_from_bytes (const guchar *csum);
+ostree_checksum_b64_from_bytes (const guchar *csum);

Parameters

@@ -824,7 +820,7 @@ character is used.

ostree_checksum_b64_to_bytes ()

-
guchar *
+
guchar *
 ostree_checksum_b64_to_bytes (const char *checksum);

 

 
Parameters

@@ -853,7 +849,7 @@ ostree_checksum_b64_to_bytes (const 
ostree_checksum_b64_inplace_from_bytes ()

 
void
 ostree_checksum_b64_inplace_from_bytes
-                               (const guchar *csum,
+                               (const guchar *csum,
                                 char *buf);

 
Overwrite the contents of buf
  with modified base64 encoding of csum
@@ -889,7 +885,7 @@ character is used.

 
ostree_checksum_b64_inplace_to_bytes ()

 
void
 ostree_checksum_b64_inplace_to_bytes (const char *checksum,
-                                      guint8 *buf);

+                                      guint8 *buf);

Overwrite the contents of buf with stringified version of csum .

@@ -921,8 +917,8 @@ ostree_checksum_b64_inplace_to_bytes (const

ostree_cmp_checksum_bytes ()

int
-ostree_cmp_checksum_bytes (const guchar *a,
-                           const guchar *b);
+ostree_cmp_checksum_bytes (const guchar *a, + const guchar *b);

Compare two binary checksums, using memcmp().

Parameters

@@ -950,9 +946,9 @@ ostree_cmp_checksum_bytes (const

ostree_validate_rev ()

-
gboolean
+
gboolean
 ostree_validate_rev (const char *rev,
-                     GError **error);

+                     GError **error);

Parameters

@@ -977,18 +973,18 @@ ostree_validate_rev (const char

Returns

-

TRUE if rev +

TRUE if rev is a valid ref string

ostree_parse_refspec ()

-
gboolean
+
gboolean
 ostree_parse_refspec (const char *refspec,
                       char **out_remote,
                       char **out_ref,
-                      GError **error);

+                      GError **error);

Split a refspec like "gnome-ostree:gnome-ostree/buildmaster" into two parts; out_remote will be set to "gnome-ostree", and out_ref @@ -996,7 +992,7 @@ two parts; out_remote will be "gnome-ostree/buildmaster".

If refspec refers to a local ref, out_remote - will be NULL.

+ will be NULL.

Parameters

@@ -1013,7 +1009,7 @@ will be "gnome-ostree/buildmaster".

 - + @@ -1078,9 +1074,9 @@ ostree_object_type_from_string (const

ostree_hash_object_name ()

-
guint
-ostree_hash_object_name (gconstpointer a);
-

Use this function with GHashTable and ostree_object_name_serialize().

+
guint
+ostree_hash_object_name (gconstpointer a);
+

Use this function with GHashTable and ostree_object_name_serialize().

Parameters

out_remote

The remote name, or NULL if the refspec refs to a local ref.

The remote name, or NULL if the refspec refs to a local ref.

[out][allow-none]
@@ -1091,7 +1087,7 @@ ostree_hash_object_name (gconstpo - +

a

A GVariant containing a serialized object

A GVariant containing a serialized object

  
@@ -1100,7 +1096,7 @@ ostree_hash_object_name (gconstpo

ostree_object_name_serialize ()

-
GVariant *
+
GVariant *
 ostree_object_name_serialize (const char *checksum,
                               OstreeObjectType objtype);

 

@@ -1127,7 +1123,7 @@ ostree_object_name_serialize (const 
 
Returns

-
 A new floating GVariant containing checksum string and objtype. 

+
 A new floating GVariant containing checksum string and objtype. 

 
[transfer floating]
@@ -1135,7 +1131,7 @@ ostree_object_name_serialize (const

ostree_object_name_deserialize ()

void
-ostree_object_name_deserialize (GVariant *variant,
+ostree_object_name_deserialize (GVariant *variant,
                                 const char **out_checksum,
                                 OstreeObjectType *out_objtype);

Reverse ostree_object_name_serialize(). Note that out_checksum @@ -1153,7 +1149,7 @@ only valid for the lifetime of variant

variant

-

A GVariant of type (su)

+

A GVariant of type (su)

  @@ -1211,7 +1207,7 @@ and a stringifed version of objtype

ostree_object_from_string ()

void
 ostree_object_from_string (const char *str,
-                           gchar **out_checksum,
+                           gchar **out_checksum,
                            OstreeObjectType *out_objtype);

Reverse ostree_object_to_string().

@@ -1245,16 +1241,16 @@ ostree_object_from_string (const

ostree_content_stream_parse ()

-
gboolean
-ostree_content_stream_parse (gboolean compressed,
-                             GInputStream *input,
-                             guint64 input_length,
-                             gboolean trusted,
-                             GInputStream **out_input,
-                             GFileInfo **out_file_info,
-                             GVariant **out_xattrs,
-                             GCancellable *cancellable,
-                             GError **error);
+
gboolean
+ostree_content_stream_parse (gboolean compressed,
+                             GInputStream *input,
+                             guint64 input_length,
+                             gboolean trusted,
+                             GInputStream **out_input,
+                             GFileInfo **out_file_info,
+                             GVariant **out_xattrs,
+                             GCancellable *cancellable,
+                             GError **error);

The reverse of ostree_raw_file_to_content_stream(); this function converts an object content stream back into components.

@@ -1283,7 +1279,7 @@ converts an object content stream back into components.

trusted

-

If TRUE, assume the content has been validated

+

If TRUE, assume the content has been validated

  @@ -1318,15 +1314,15 @@ converts an object content stream back into components.

ostree_content_file_parse ()

-
gboolean
-ostree_content_file_parse (gboolean compressed,
-                           GFile *content_path,
-                           gboolean trusted,
-                           GInputStream **out_input,
-                           GFileInfo **out_file_info,
-                           GVariant **out_xattrs,
-                           GCancellable *cancellable,
-                           GError **error);
+
gboolean
+ostree_content_file_parse (gboolean compressed,
+                           GFile *content_path,
+                           gboolean trusted,
+                           GInputStream **out_input,
+                           GFileInfo **out_file_info,
+                           GVariant **out_xattrs,
+                           GCancellable *cancellable,
+                           GError **error);

A thin wrapper for ostree_content_stream_parse(); this function converts an object content stream back into components.

@@ -1350,7 +1346,7 @@ converts an object content stream back into components.

trusted

-

If TRUE, assume the content has been validated

+

If TRUE, assume the content has been validated

  @@ -1385,16 +1381,16 @@ converts an object content stream back into components.

ostree_content_file_parse_at ()

-
gboolean
-ostree_content_file_parse_at (gboolean compressed,
+
gboolean
+ostree_content_file_parse_at (gboolean compressed,
                               int parent_dfd,
                               const char *path,
-                              gboolean trusted,
-                              GInputStream **out_input,
-                              GFileInfo **out_file_info,
-                              GVariant **out_xattrs,
-                              GCancellable *cancellable,
-                              GError **error);

+                              gboolean trusted,
+                              GInputStream **out_input,
+                              GFileInfo **out_file_info,
+                              GVariant **out_xattrs,
+                              GCancellable *cancellable,
+                              GError **error);

A thin wrapper for ostree_content_stream_parse(); this function converts an object content stream back into components.

@@ -1423,7 +1419,7 @@ converts an object content stream back into components.

trusted

-

If TRUE, assume the content has been validated

+

If TRUE, assume the content has been validated

  @@ -1458,13 +1454,13 @@ converts an object content stream back into components.

ostree_raw_file_to_archive_z2_stream ()

-
gboolean
-ostree_raw_file_to_archive_z2_stream (GInputStream *input,
-                                      GFileInfo *file_info,
-                                      GVariant *xattrs,
-                                      GInputStream **out_input,
-                                      GCancellable *cancellable,
-                                      GError **error);
+
gboolean
+ostree_raw_file_to_archive_z2_stream (GInputStream *input,
+                                      GFileInfo *file_info,
+                                      GVariant *xattrs,
+                                      GInputStream **out_input,
+                                      GCancellable *cancellable,
+                                      GError **error);

Convert from a "bare" file representation into an OSTREE_OBJECT_TYPE_FILE stream suitable for ostree pull.

@@ -1513,15 +1509,15 @@ OSTREE_OBJECT_TYPE_FILE stream suitable for ostree pull.

ostree_raw_file_to_archive_z2_stream_with_options ()

-
gboolean
+
gboolean
 ostree_raw_file_to_archive_z2_stream_with_options
-                               (GInputStream *input,
-                                GFileInfo *file_info,
-                                GVariant *xattrs,
-                                GVariant *options,
-                                GInputStream **out_input,
-                                GCancellable *cancellable,
-                                GError **error);

+                               (GInputStream *input,
+                                GFileInfo *file_info,
+                                GVariant *xattrs,
+                                GVariant *options,
+                                GInputStream **out_input,
+                                GCancellable *cancellable,
+                                GError **error);

Like ostree_raw_file_to_archive_z2_stream(), but supports an extensible set of flags. The following flags are currently defined:

  • compression-level (i): Level of compression to use, 0–9, with 0 being @@ -1578,14 +1574,14 @@ the least compression, and <0 giving the default level (currently 6).

    • ostree_raw_file_to_content_stream ()

    -
    gboolean
-ostree_raw_file_to_content_stream (GInputStream *input,
-                                   GFileInfo *file_info,
-                                   GVariant *xattrs,
-                                   GInputStream **out_input,
-                                   guint64 *out_length,
-                                   GCancellable *cancellable,
-                                   GError **error);
    +
    gboolean
+ostree_raw_file_to_content_stream (GInputStream *input,
+                                   GFileInfo *file_info,
+                                   GVariant *xattrs,
+                                   GInputStream **out_input,
+                                   guint64 *out_length,
+                                   GCancellable *cancellable,
+                                   GError **error);

    Convert from a "bare" file representation into an OSTREE_OBJECT_TYPE_FILE stream. This is a fundamental operation for writing data to an OstreeRepo.

    @@ -1640,14 +1636,14 @@ for writing data to an

    ostree_checksum_file_from_input ()

    -
    gboolean
-ostree_checksum_file_from_input (GFileInfo *file_info,
-                                 GVariant *xattrs,
-                                 GInputStream *in,
+
    gboolean
+ostree_checksum_file_from_input (GFileInfo *file_info,
+                                 GVariant *xattrs,
+                                 GInputStream *in,
                                  OstreeObjectType objtype,
-                                 guchar **out_csum,
-                                 GCancellable *cancellable,
-                                 GError **error);
    
+                                 guchar **out_csum,
+                                 GCancellable *cancellable,
+                                 GError **error);

    Compute the OSTree checksum for a given input.

    Parameters

    @@ -1670,7 +1666,7 @@ ostree_checksum_file_from_input (

    in

    -

    File content, should be NULL for symbolic links.

    +

    File content, should be NULL for symbolic links.

    [allow-none] @@ -1700,12 +1696,12 @@ ostree_checksum_file_from_input (

    ostree_checksum_file ()

    -
    gboolean
-ostree_checksum_file (GFile *f,
+
    gboolean
+ostree_checksum_file (GFile *f,
                       OstreeObjectType objtype,
-                      guchar **out_csum,
-                      GCancellable *cancellable,
-                      GError **error);
    
+                      guchar **out_csum,
+                      GCancellable *cancellable,
+                      GError **error);

    Compute the OSTree checksum for a given file.

    Parameters

    @@ -1749,12 +1745,12 @@ ostree_checksum_file (GFile

    ostree_checksum_file_async ()

    void
-ostree_checksum_file_async (GFile *f,
+ostree_checksum_file_async (GFile *f,
                             OstreeObjectType objtype,
                             int io_priority,
-                            GCancellable *cancellable,
-                            GAsyncReadyCallback callback,
-                            gpointer user_data);
    + GCancellable *cancellable, + GAsyncReadyCallback callback, + gpointer user_data);

    Asynchronously compute the OSTree checksum for a given file; complete with ostree_checksum_file_async_finish().

    @@ -1804,11 +1800,11 @@ complete with

    ostree_checksum_file_async_finish ()

    -
    gboolean
-ostree_checksum_file_async_finish (GFile *f,
-                                   GAsyncResult *result,
-                                   guchar **out_csum,
-                                   GError **error);
    +
    gboolean
+ostree_checksum_file_async_finish (GFile *f,
+                                   GAsyncResult *result,
+                                   guchar **out_csum,
+                                   GError **error);

    Finish computing the OSTree checksum for a given file; see ostree_checksum_file_async().

    @@ -1847,9 +1843,9 @@ ostree_checksum_file_async_finish (

    ostree_create_directory_metadata ()

    -
    GVariant *
-ostree_create_directory_metadata (GFileInfo *dir_info,
-                                  GVariant *xattrs);
    +
    GVariant *
+ostree_create_directory_metadata (GFileInfo *dir_info,
+                                  GVariant *xattrs);

    Parameters

    @@ -1861,7 +1857,7 @@ ostree_create_directory_metadata ( - + @@ -1874,16 +1870,16 @@ ostree_create_directory_metadata (

    Returns

    -

    A new GVariant containing OSTREE_OBJECT_TYPE_DIR_META.

    +

    A new GVariant containing OSTREE_OBJECT_TYPE_DIR_META.

    [transfer full]

    ostree_validate_structureof_objtype ()

    -
    gboolean
-ostree_validate_structureof_objtype (guchar objtype,
-                                     GError **error);
    +
    gboolean
+ostree_validate_structureof_objtype (guchar objtype,
+                                     GError **error);

    Parameters

    dir_info

    a GFileInfo containing directory information

    a GFileInfo containing directory information

    		  
    @@ -1901,16 +1897,16 @@ ostree_validate_structureof_objtype (

    Returns

    -

    TRUE if objtype +

    TRUE if objtype represents a valid object type

    ostree_validate_structureof_csum_v ()

    -
    gboolean
-ostree_validate_structureof_csum_v (GVariant *checksum,
-                                    GError **error);
    +
    gboolean
+ostree_validate_structureof_csum_v (GVariant *checksum,
+                                    GError **error);

    Parameters

    @@ -1922,7 +1918,7 @@ ostree_validate_structureof_csum_v (

    checksum

    -     + @@ -1935,17 +1931,17 @@ ostree_validate_structureof_csum_v (

    Returns

    -

    TRUE if checksum +

    TRUE if checksum is a valid binary SHA256 checksum

    ostree_validate_structureof_checksum_string ()

    -
    gboolean
+
    gboolean
 ostree_validate_structureof_checksum_string
                                (const char *checksum,
-                                GError **error);
    
+                                GError **error);

    Parameters

    a GVariant of type "ay"

    a GVariant of type "ay"

    		  
    @@ -1970,16 +1966,16 @@ ostree_validate_structureof_checksum_string

    Returns

    -

    TRUE if checksum +

    TRUE if checksum is a valid ASCII SHA256 checksum

    ostree_validate_structureof_file_mode ()

    -
    gboolean
-ostree_validate_structureof_file_mode (guint32 mode,
-                                       GError **error);
    +
    gboolean
+ostree_validate_structureof_file_mode (guint32 mode,
+                                       GError **error);

    Parameters

    @@ -2004,16 +2000,16 @@ ostree_validate_structureof_file_mode (

    Returns

    -

    TRUE if mode +

    TRUE if mode represents a valid file type and permissions

    ostree_validate_structureof_commit ()

    -
    gboolean
-ostree_validate_structureof_commit (GVariant *commit,
-                                    GError **error);
    +
    gboolean
+ostree_validate_structureof_commit (GVariant *commit,
+                                    GError **error);

    Use this to validate the basic structure of commit , independent of any other objects it references.

    @@ -2041,16 +2037,16 @@ any other objects it references.

    Returns

    -

    TRUE if commit +

    TRUE if commit is structurally valid

    ostree_validate_structureof_dirtree ()

    -
    gboolean
-ostree_validate_structureof_dirtree (GVariant *dirtree,
-                                     GError **error);
    +
    gboolean
+ostree_validate_structureof_dirtree (GVariant *dirtree,
+                                     GError **error);

    Use this to validate the basic structure of dirtree , independent of any other objects it references.

    @@ -2078,16 +2074,16 @@ any other objects it references.

    Returns

    -

    TRUE if dirtree +

    TRUE if dirtree is structurally valid

    ostree_validate_structureof_dirmeta ()

    -
    gboolean
-ostree_validate_structureof_dirmeta (GVariant *dirmeta,
-                                     GError **error);
    +
    gboolean
+ostree_validate_structureof_dirmeta (GVariant *dirmeta,
+                                     GError **error);

    Use this to validate the basic structure of dirmeta .

    @@ -2114,15 +2110,15 @@ ostree_validate_structureof_dirmeta (

    Returns

    -

    TRUE if dirmeta +

    TRUE if dirmeta is structurally valid

    ostree_commit_get_parent ()

    -
    gchar *
-ostree_commit_get_parent (GVariant *commit_variant);
    +
    gchar *
+ostree_commit_get_parent (GVariant *commit_variant);

    Parameters

    @@ -2141,22 +2137,22 @@ ostree_commit_get_parent (GVarian

    Returns

    Checksum of the parent commit of commit_variant -, or NULL +, or NULL if none

    ostree_commit_get_timestamp ()

    -
    guint64
-ostree_commit_get_timestamp (GVariant *commit_variant);
    +
    guint64
+ostree_commit_get_timestamp (GVariant *commit_variant);

    ostree_check_version ()

    -
    gboolean
-ostree_check_version (guint required_year,
-                      guint required_release);
    +
    gboolean
+ostree_check_version (guint required_year,
+                      guint required_release);

    Parameters

    @@ -2181,7 +2177,7 @@ ostree_check_version (guint

    Returns

    -

    TRUE if current libostree has at least the requested version, FALSE otherwise

    +

    TRUE if current libostree has at least the requested version, FALSE otherwise

    @@ -2205,13 +2201,6 @@ will be emitted.

    -

    OSTREE_MAX_RECURSION

    -
    #define OSTREE_MAX_RECURSION (256)
-
    -

    Maximum depth of metadata.

    -
    -
    -

    enum OstreeObjectType

    Enumeration for core object types; OSTREE_OBJECT_TYPE_FILE is for content, the other types are metadata.

    diff --git a/apidoc/html/ostree-GPG-signature-verification-results.html b/apidoc/html/ostree-GPG-signature-verification-results.html index df248994..6b7eec3b 100644 --- a/apidoc/html/ostree-GPG-signature-verification-results.html +++ b/apidoc/html/ostree-GPG-signature-verification-results.html @@ -41,7 +41,7 @@
    +, or NULL.

    @@ -244,22 +244,22 @@ signed by key_id

    Returns

    -

    TRUE on success, FALSE on failure

    +

    TRUE on success, FALSE on failure

    ostree_gpg_verify_result_get ()

    -
    GVariant *
+
    GVariant *
 ostree_gpg_verify_result_get (OstreeGpgVerifyResult *result,
-                              guint signature_index,
+                              guint signature_index,
                               OstreeGpgSignatureAttr *attrs,
-                              guint n_attrs);
    
-
    Builds a GVariant tuple of requested attributes for the GPG signature at
+                              guint n_attrs);
    +

    Builds a GVariant tuple of requested attributes for the GPG signature at signature_index in result . See the OstreeGpgSignatureAttr description -for the GVariantType of each available attribute.

    +for the GVariantType of each available attribute.

    It is a programmer error to request an invalid OstreeGpgSignatureAttr or an invalid signature_index . Use ostree_gpg_verify_result_count_all() to @@ -300,29 +300,29 @@ array

    Returns

    -

    a new, floating, GVariant tuple

    +

    a new, floating, GVariant tuple

    ostree_gpg_verify_result_get_all ()

    -
    GVariant *
+
    GVariant *
 ostree_gpg_verify_result_get_all (OstreeGpgVerifyResult *result,
-                                  guint signature_index);
    
-
    Builds a GVariant tuple of all available attributes for the GPG signature
+                                  guint signature_index);
    +

    Builds a GVariant tuple of all available attributes for the GPG signature at signature_index in result .

    -

    The child values in the returned GVariant tuple are ordered to match the +

    The child values in the returned GVariant tuple are ordered to match the OstreeGpgSignatureAttr enumeration, which means the enum values can be -used as index values in functions like g_variant_get_child(). See the -OstreeGpgSignatureAttr description for the GVariantType of each +used as index values in functions like g_variant_get_child(). See the +OstreeGpgSignatureAttr description for the GVariantType of each available attribute.

    The OstreeGpgSignatureAttr enumeration may be extended in the future - with new attributes, which would affect the GVariant tuple returned by + with new attributes, which would affect the GVariant tuple returned by this function. While the position and type of current child values in - the GVariant tuple will not change, to avoid backward-compatibility + the GVariant tuple will not change, to avoid backward-compatibility issues please do not depend on the tuple's overall size or type signature.

    @@ -355,7 +355,7 @@ available attribute.

    Returns

    -

    a new, floating, GVariant tuple

    +

    a new, floating, GVariant tuple

    @@ -363,9 +363,9 @@ available attribute.

    ostree_gpg_verify_result_describe ()

    void
 ostree_gpg_verify_result_describe (OstreeGpgVerifyResult *result,
-                                   guint signature_index,
-                                   GString *output_buffer,
-                                   const gchar *line_prefix,
+                                   guint signature_index,
+                                   GString *output_buffer,
+                                   const gchar *line_prefix,
                                    OstreeGpgSignatureFormatFlags flags);

    Appends a brief, human-readable description of the GPG signature at signature_index @@ -404,7 +404,7 @@ format. Currently must be 0.

     - + @@ -426,11 +426,11 @@ format. Currently must be 0.

    ostree_gpg_verify_result_describe_variant ()

    void
 ostree_gpg_verify_result_describe_variant
-                               (GVariant *variant,
-                                GString *output_buffer,
-                                const gchar *line_prefix,
+                               (GVariant *variant,
+                                GString *output_buffer,
+                                const gchar *line_prefix,
                                 OstreeGpgSignatureFormatFlags flags);
    -

    Similar to ostree_gpg_verify_result_describe() but takes a GVariant of +

    Similar to ostree_gpg_verify_result_describe() but takes a GVariant of all attributes for a GPG signature instead of an OstreeGpgVerifyResult and signature index.

    The variant @@ -447,12 +447,12 @@ and signature index.

     - + - + @@ -472,14 +472,14 @@ and signature index.

    ostree_gpg_verify_result_require_valid_signature ()

    -
    gboolean
+
    gboolean
 ostree_gpg_verify_result_require_valid_signature
                                (OstreeGpgVerifyResult *result,
-                                GError **error);
    
+                                GError **error);

    Checks if the result contains at least one signature from the trusted keyring. You can call this function immediately after ostree_repo_verify_summary() or ostree_repo_verify_commit_ext() - -it will handle the NULL result +it will handle the NULL result and filled error too.

    @@ -498,7 +498,7 @@ it will handle the NULL
    - + @@ -506,9 +506,9 @@ it will handle the NULL

    Returns

    -

    TRUE if result -was not NULL and had at least one -signature from trusted keyring, otherwise FALSE

    +

    TRUE if result +was not NULL and had at least one +signature from trusted keyring, otherwise FALSE

    @@ -524,7 +524,7 @@ signature from trusted keyring, otherwise FALSE

    enum OstreeGpgSignatureAttr

    Signature attributes available from an OstreeGpgVerifyResult. -The attribute's GVariantType is shown in brackets.

    +The attribute's GVariantType is shown in brackets.

    Members

    -guint +guint ostree_gpg_verify_result_count_all () @@ -49,7 +49,7 @@
    -guint +guint ostree_gpg_verify_result_count_valid () @@ -57,7 +57,7 @@
    -gboolean +gboolean ostree_gpg_verify_result_lookup () @@ -65,7 +65,7 @@
    -GVariant * +GVariant * ostree_gpg_verify_result_get () @@ -73,7 +73,7 @@
    -GVariant * +GVariant * ostree_gpg_verify_result_get_all () @@ -97,7 +97,7 @@
    -gboolean +gboolean ostree_gpg_verify_result_require_valid_signature () @@ -146,7 +146,7 @@ or get all signature details with

    Functions

    ostree_gpg_verify_result_count_all ()

    -
    guint
+
    guint
 ostree_gpg_verify_result_count_all (OstreeGpgVerifyResult *result);
    
 
    Counts all the signatures in result
 .
    
@@ -173,7 +173,7 @@ ostree_gpg_verify_result_count_all (
 
    
 
    ostree_gpg_verify_result_count_valid ()
    
-
    guint
+
    guint
 ostree_gpg_verify_result_count_valid (OstreeGpgVerifyResult *result);
    
 
    Counts only the valid signatures in result
 .
    
@@ -200,17 +200,17 @@ ostree_gpg_verify_result_count_valid (
 
    ostree_gpg_verify_result_lookup ()
    
-
    gboolean
+
    gboolean
 ostree_gpg_verify_result_lookup (OstreeGpgVerifyResult *result,
-                                 const gchar *key_id,
-                                 guint *out_signature_index);
    
+                                 const gchar *key_id,
+                                 guint *out_signature_index);
    
 
    Searches result
  for a signature signed by key_id
 .  If a match is found,
-the function returns TRUE and sets out_signature_index
+the function returns TRUE and sets out_signature_index
  so that further
 signature details can be obtained through ostree_gpg_verify_result_get().
-If no match is found, the function returns FALSE and leaves
+If no match is found, the function returns FALSE and leaves
 out_signature_index
  unchanged.
    
 
    
@@ -236,7 +236,7 @@ If no match is found, the function returns FALSE an

    out_signature_index

    return location for the index of the signature signed by key_id -, or NULL.

    		[out]

    output_buffer

    a GString to hold the description

    a GString to hold the description

    		  

    variant

    a GVariant from ostree_gpg_verify_result_get_all()

    a GVariant from ostree_gpg_verify_result_get_all()

    		  

    output_buffer

    a GString to hold the description

    a GString to hold the description

    		  

    error

    A GError

    A GError

    		  
    @@ -537,56 +537,56 @@ The attribute's GVariantType is shown in brackets.

     @@ -594,7 +594,7 @@ The attribute's GVariantType is shown in brackets.

     @@ -602,7 +602,7 @@ The attribute's GVariantType is shown in brackets.

     @@ -610,14 +610,14 @@ The attribute's GVariantType is shown in brackets.

     diff --git a/apidoc/html/ostree-In-memory-modifiable-filesystem-tree.html b/apidoc/html/ostree-In-memory-modifiable-filesystem-tree.html index 6cec6408..9e58eb2a 100644 --- a/apidoc/html/ostree-In-memory-modifiable-filesystem-tree.html +++ b/apidoc/html/ostree-In-memory-modifiable-filesystem-tree.html @@ -79,7 +79,7 @@ - + @@ -281,12 +281,12 @@ exist.

    ostree_mutable_tree_walk ()

    -
    gboolean
+
    gboolean
 ostree_mutable_tree_walk (OstreeMutableTree *self,
-                          GPtrArray *split_path,
-                          guint start,
+                          GPtrArray *split_path,
+                          guint start,
                           OstreeMutableTree **out_subdir,
-                          GError **error);
    
+                          GError **error);

    Traverse start number of elements starting from split_path ; the @@ -334,7 +334,7 @@ child will be returned in out_subdir

    ostree_mutable_tree_get_subdirs ()

    -
    GHashTable *
+
    GHashTable *
 ostree_mutable_tree_get_subdirs (OstreeMutableTree *self);
    
 
    
 
    Returns
    
@@ -345,7 +345,7 @@ ostree_mutable_tree_get_subdirs (
 
    
 
    ostree_mutable_tree_get_files ()
    
-
    GHashTable *
+
    GHashTable *
 ostree_mutable_tree_get_files (OstreeMutableTree *self);
    
 
    
 
    Returns
    
diff --git a/apidoc/html/ostree-Progress-notification-system-for-asynchronous-operations.html b/apidoc/html/ostree-Progress-notification-system-for-asynchronous-operations.html
index 60efeb05..d7313ffb 100644
--- a/apidoc/html/ostree-Progress-notification-system-for-asynchronous-operations.html
+++ b/apidoc/html/ostree-Progress-notification-system-for-asynchronous-operations.html
@@ -73,7 +73,7 @@
    + NULL);

    OSTREE_GPG_SIGNATURE_ATTR_VALID

    		 -

    [G_VARIANT_TYPE_BOOLEAN] Is the signature valid?

    +

    [G_VARIANT_TYPE_BOOLEAN] Is the signature valid?

    		  

    OSTREE_GPG_SIGNATURE_ATTR_SIG_EXPIRED

    		 -

    [G_VARIANT_TYPE_BOOLEAN] Has the signature expired?

    +

    [G_VARIANT_TYPE_BOOLEAN] Has the signature expired?

    		  

    OSTREE_GPG_SIGNATURE_ATTR_KEY_EXPIRED

    		 -

    [G_VARIANT_TYPE_BOOLEAN] Has the signing key expired?

    +

    [G_VARIANT_TYPE_BOOLEAN] Has the signing key expired?

    		  

    OSTREE_GPG_SIGNATURE_ATTR_KEY_REVOKED

    		 -

    [G_VARIANT_TYPE_BOOLEAN] Has the signing key been revoked?

    +

    [G_VARIANT_TYPE_BOOLEAN] Has the signing key been revoked?

    		  

    OSTREE_GPG_SIGNATURE_ATTR_KEY_MISSING

    		 -

    [G_VARIANT_TYPE_BOOLEAN] Is the signing key missing?

    +

    [G_VARIANT_TYPE_BOOLEAN] Is the signing key missing?

    		  

    OSTREE_GPG_SIGNATURE_ATTR_FINGERPRINT

    		 -

    [G_VARIANT_TYPE_STRING] Fingerprint of the signing key

    +

    [G_VARIANT_TYPE_STRING] Fingerprint of the signing key

    		  

    OSTREE_GPG_SIGNATURE_ATTR_TIMESTAMP

    		 -

    [G_VARIANT_TYPE_INT64] Signature creation Unix timestamp

    +

    [G_VARIANT_TYPE_INT64] Signature creation Unix timestamp

    		  

    OSTREE_GPG_SIGNATURE_ATTR_EXP_TIMESTAMP

    		 -

    [G_VARIANT_TYPE_INT64] Signature expiration Unix timestamp (0 if no +

    [G_VARIANT_TYPE_INT64] Signature expiration Unix timestamp (0 if no expiration)

    		  

    OSTREE_GPG_SIGNATURE_ATTR_PUBKEY_ALGO_NAME

    		 -

    [G_VARIANT_TYPE_STRING] Name of the public key algorithm used to create +

    [G_VARIANT_TYPE_STRING] Name of the public key algorithm used to create the signature

    		  

    OSTREE_GPG_SIGNATURE_ATTR_HASH_ALGO_NAME

    		 -

    [G_VARIANT_TYPE_STRING] Name of the hash algorithm used to create the +

    [G_VARIANT_TYPE_STRING] Name of the hash algorithm used to create the signature

    		  

    OSTREE_GPG_SIGNATURE_ATTR_USER_NAME

    		 -

    [G_VARIANT_TYPE_STRING] The name of the signing key's primary user

    +

    [G_VARIANT_TYPE_STRING] The name of the signing key's primary user

    		  

    OSTREE_GPG_SIGNATURE_ATTR_USER_EMAIL

    		 -

    [G_VARIANT_TYPE_STRING] The email address of the signing key's primary +

    [G_VARIANT_TYPE_STRING] The email address of the signing key's primary user

    		  
    -gboolean +gboolean ostree_mutable_tree_replace_file () @@ -87,7 +87,7 @@
    -gboolean +gboolean ostree_mutable_tree_ensure_dir () @@ -95,7 +95,7 @@
    -gboolean +gboolean ostree_mutable_tree_lookup () @@ -103,7 +103,7 @@
    -gboolean +gboolean ostree_mutable_tree_ensure_parent_dirs () @@ -111,7 +111,7 @@
    -gboolean +gboolean ostree_mutable_tree_walk () @@ -119,7 +119,7 @@
    -GHashTable * +GHashTable * ostree_mutable_tree_get_subdirs () @@ -127,7 +127,7 @@
    -GHashTable * +GHashTable * ostree_mutable_tree_get_files () @@ -202,41 +202,41 @@ ostree_mutable_tree_get_contents_checksum

    ostree_mutable_tree_replace_file ()

    -
    gboolean
+
    gboolean
 ostree_mutable_tree_replace_file (OstreeMutableTree *self,
                                   const char *name,
                                   const char *checksum,
-                                  GError **error);
    
+                                  GError **error);

    ostree_mutable_tree_ensure_dir ()

    -
    gboolean
+
    gboolean
 ostree_mutable_tree_ensure_dir (OstreeMutableTree *self,
                                 const char *name,
                                 OstreeMutableTree **out_subdir,
-                                GError **error);
    
+                                GError **error);

    ostree_mutable_tree_lookup ()

    -
    gboolean
+
    gboolean
 ostree_mutable_tree_lookup (OstreeMutableTree *self,
                             const char *name,
                             char **out_file_checksum,
                             OstreeMutableTree **out_subdir,
-                            GError **error);
    
+                            GError **error);

    ostree_mutable_tree_ensure_parent_dirs ()

    -
    gboolean
+
    gboolean
 ostree_mutable_tree_ensure_parent_dirs
                                (OstreeMutableTree *self,
-                                GPtrArray *split_path,
+                                GPtrArray *split_path,
                                 const char *metadata_checksum,
                                 OstreeMutableTree **out_parent,
-                                GError **error);
    
+                                GError **error);

    Create all parent trees necessary for the given split_path to exist.

    @@ -271,7 +271,7 @@ exist.

    error

    a GError

    a GError

    		  
    -GVariant * +GVariant * ostree_async_progress_get_variant () @@ -81,7 +81,7 @@
    -guint +guint ostree_async_progress_get_uint () @@ -89,7 +89,7 @@
    -guint64 +guint64 ostree_async_progress_get_uint64 () @@ -171,7 +171,7 @@ handles thread safety, ensuring that the progress change notification occurs in the thread-default context of the calling operation.

    The ostree_async_progress_get_status() and ostree_async_progress_set_status() -methods get and set a well-known status key of type G_VARIANT_TYPE_STRING. +methods get and set a well-known status key of type G_VARIANT_TYPE_STRING. This key may be accessed using the other OstreeAsyncProgress methods, but it must always have the correct type.

    @@ -192,7 +192,7 @@ ostree_async_progress_new (void

    ostree_async_progress_new_and_connect ()

    OstreeAsyncProgress *
 ostree_async_progress_new_and_connect (void (*changed) (OstreeAsyncProgress *self, gpointer user_data),
-                                       gpointer user_data);
    + gpointer user_data);
    @@ -200,7 +200,7 @@ ostree_async_progress_new_and_connect (char * ostree_async_progress_get_status (OstreeAsyncProgress *self);

    Get the human-readable status string from the OstreeAsyncProgress. This -operation is thread-safe. The retuned value may be NULL if no status is +operation is thread-safe. The retuned value may be NULL if no status is set.

    This is a convenience function to get the well-known status key.

    @@ -220,7 +220,7 @@ set.

    Returns

    -

    the current status, or NULL if none is set.

    +

    the current status, or NULL if none is set.

    [transfer full][nullable]

    Since: 2017.6

    @@ -233,9 +233,9 @@ ostree_async_progress_get (...);

    Get the values corresponding to zero or more keys from the OstreeAsyncProgress. Each key is specified in @... as the key name, followed -by a GVariant format string, followed by the necessary arguments for that -format string, just as for g_variant_get(). After those arguments is the -next key name. The varargs list must be NULL-terminated.

    +by a GVariant format string, followed by the necessary arguments for that +format string, just as for g_variant_get(). After those arguments is the +next key name. The varargs list must be NULL-terminated.

    Each format string must make deep copies of its value, as the values stored in the OstreeAsyncProgress may be freed from another thread after this function returns.

    @@ -257,15 +257,15 @@ function returns.

    11
    		 
    guint32 outstanding_fetches;
 guint64 bytes_received;
-g_autofree gchar *status = NULL;
-g_autoptr(GVariant) refs_variant = NULL;
+g_autofree gchar *status = NULL;
+g_autoptr(GVariant) refs_variant = NULL;
 
 ostree_async_progress_get (progress,
                            "outstanding-fetches", "u", &outstanding_fetches,
                            "bytes-received", "t", &bytes_received,
                            "status", "s", &status,
                            "refs", "@a{ss}", &refs_variant,
-                           NULL);
    @@ -288,7 +288,7 @@ function returns.

    ...

    -

    key name, format string, GVariant return locations, …, followed by NULL

    +

    key name, format string, GVariant return locations, …, followed by NULL

      @@ -299,10 +299,10 @@ function returns.

    ostree_async_progress_get_variant ()

    -
    GVariant *
+
    GVariant *
 ostree_async_progress_get_variant (OstreeAsyncProgress *self,
                                    const char *key);
    
-
    Look up a key in the OstreeAsyncProgress and return the GVariant associated
+
    Look up a key in the OstreeAsyncProgress and return the GVariant associated
 with it. The lookup is thread-safe.
    
 
    
 
    Parameters
    
@@ -329,7 +329,7 @@ with it. The lookup is thread-safe.
    
 
    
 
    Returns
    
 
     value for the given key
-, or NULL if
+, or NULL if
 it was not set. 
    
 
    [transfer full][nullable]
    
 
    
@@ -338,14 +338,14 @@ it was not set. 
    
 
    
 
    
 
    ostree_async_progress_get_uint ()
    
-
    guint
+
    guint
 ostree_async_progress_get_uint (OstreeAsyncProgress *self,
                                 const char *key);
    
 
    
 
    
 
    
 
    ostree_async_progress_get_uint64 ()
    
-
    guint64
+
    guint64
 ostree_async_progress_get_uint64 (OstreeAsyncProgress *self,
                                   const char *key);
    
 
    
@@ -356,7 +356,7 @@ ostree_async_progress_get_uint64 (OstreeAsyncProgress *self,
                                   const char *status);

    Set the human-readable status string for the OstreeAsyncProgress. This -operation is thread-safe. NULL may be passed to clear the status.

    +operation is thread-safe. NULL may be passed to clear the status.

    This is a convenience function to set the well-known status key.

    Parameters

    @@ -374,7 +374,7 @@ operation is thread-safe. NULL may be passed to cle

    status

    -

    new status string, or NULL to clear the status.

    +

    new status string, or NULL to clear the status.

    [nullable] @@ -389,11 +389,11 @@ operation is thread-safe. NULL may be passed to cle ostree_async_progress_set (OstreeAsyncProgress *self, ...);

    Set the values for zero or more keys in the OstreeAsyncProgress. Each key is -specified in @... as the key name, followed by a GVariant format string, +specified in @... as the key name, followed by a GVariant format string, followed by the necessary arguments for that format string, just as for -g_variant_new(). After those arguments is the next key name. The varargs list -must be NULL-terminated.

    -

    g_variant_ref_sink() will be called as appropriate on the GVariant +g_variant_new(). After those arguments is the next key name. The varargs list +must be NULL-terminated.

    +

    g_variant_ref_sink() will be called as appropriate on the GVariant parameters, so they may be floating.

    This operation is thread-safe, and all the keys are set atomically.

    @@ -416,8 +416,8 @@ parameters, so they may be floating.

    "outstanding-fetches", "u", outstanding_fetches, "bytes-received", "t", bytes_received, "status", "s", "Updated status", - "refs", "@a{ss}", g_variant_new_parsed ("@a{ss} {}"), - NULL); + "refs", "@a{ss}", g_variant_new_parsed ("@a{ss} {}"), + NULL); @@ -440,7 +440,7 @@ parameters, so they may be floating.

    ...

    -

    key name, format string, GVariant parameters, …, followed by NULL

    +

    key name, format string, GVariant parameters, …, followed by NULL

      @@ -454,13 +454,13 @@ parameters, so they may be floating.

    void
 ostree_async_progress_set_variant (OstreeAsyncProgress *self,
                                    const char *key,
-                                   GVariant *value);
    + GVariant *value);

    Assign a new value to the given key , replacing any existing value. The operation is thread-safe. value may be a floating reference; -g_variant_ref_sink() will be called on it.

    +g_variant_ref_sink() will be called on it.

    Any watchers of the OstreeAsyncProgress will be notified of the change if value differs from the existing value for key @@ -501,7 +501,7 @@ operation is thread-safe. value 

    void
 ostree_async_progress_set_uint (OstreeAsyncProgress *self,
                                 const char *key,
-                                guint value);
    + guint value);
    @@ -509,7 +509,7 @@ ostree_async_progress_set_uint (void ostree_async_progress_set_uint64 (OstreeAsyncProgress *self, const char *key, - guint64 value); + guint64 value);
    diff --git a/apidoc/html/ostree-Root-partition-mount-point.html b/apidoc/html/ostree-Root-partition-mount-point.html index 4aedf7cf..2f0e113a 100644 --- a/apidoc/html/ostree-Root-partition-mount-point.html +++ b/apidoc/html/ostree-Root-partition-mount-point.html @@ -57,7 +57,7 @@ -GFile * +GFile * ostree_sysroot_get_path () @@ -65,7 +65,7 @@ -gboolean +gboolean ostree_sysroot_load () @@ -73,7 +73,7 @@ -gboolean +gboolean ostree_sysroot_load_if_changed () @@ -81,7 +81,7 @@ -gboolean +gboolean ostree_sysroot_lock () @@ -89,7 +89,7 @@ -gboolean +gboolean ostree_sysroot_try_lock () @@ -105,7 +105,7 @@ -gboolean +gboolean ostree_sysroot_lock_finish () @@ -137,7 +137,7 @@ -gboolean +gboolean ostree_sysroot_ensure_initialized () @@ -161,7 +161,7 @@ -GPtrArray * +GPtrArray * ostree_sysroot_get_deployments () @@ -177,7 +177,7 @@ -GFile * +GFile * ostree_sysroot_get_deployment_directory () @@ -193,7 +193,7 @@ -GFile * +GFile * ostree_sysroot_get_deployment_origin_path () @@ -201,7 +201,7 @@ -gboolean +gboolean ostree_sysroot_cleanup () @@ -209,7 +209,7 @@ -gboolean +gboolean ostree_sysroot_prepare_cleanup () @@ -217,7 +217,15 @@ -gboolean +OstreeRepo * + + +ostree_sysroot_repo () + + + + +gboolean ostree_sysroot_get_repo () @@ -225,7 +233,7 @@ -gboolean +gboolean ostree_sysroot_init_osname () @@ -233,7 +241,7 @@ -gboolean +gboolean ostree_sysroot_deployment_set_kargs () @@ -241,7 +249,7 @@ -gboolean +gboolean ostree_sysroot_deployment_set_mutable () @@ -249,7 +257,7 @@ -gboolean +gboolean ostree_sysroot_deployment_unlock () @@ -257,7 +265,7 @@ -gboolean +gboolean ostree_sysroot_write_deployments () @@ -265,7 +273,7 @@ -gboolean +gboolean ostree_sysroot_write_deployments_with_options () @@ -273,7 +281,7 @@ -gboolean +gboolean ostree_sysroot_write_origin_file () @@ -281,7 +289,7 @@ -gboolean +gboolean ostree_sysroot_deploy_tree () @@ -297,7 +305,15 @@ -GKeyFile * +void + + +ostree_sysroot_query_deployments_for () + + + + +GKeyFile * ostree_sysroot_origin_new_from_refspec () @@ -305,7 +321,7 @@ -gboolean +gboolean ostree_sysroot_simple_write_deployment () @@ -348,7 +364,7 @@ perform locking externally.

    ostree_sysroot_new ()

    OstreeSysroot *
-ostree_sysroot_new (GFile *path);
    +ostree_sysroot_new (GFile *path);

    Parameters

    @@ -359,7 +375,7 @@ ostree_sysroot_new (GFile - +

    path

    Path to a system root directory, or NULL.

    Path to a system root directory, or NULL.

    		[allow-none]
    @@ -385,7 +401,7 @@ ostree_sysroot_new_default (void<

    ostree_sysroot_get_path ()

    -
    GFile *
+
    GFile *
 ostree_sysroot_get_path (OstreeSysroot *self);
    
 
    
 
    Returns
    
@@ -396,10 +412,10 @@ ostree_sysroot_get_path (
 
    ostree_sysroot_load ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_load (OstreeSysroot *self,
-                     GCancellable *cancellable,
-                     GError **error);
    
+                     GCancellable *cancellable,
+                     GError **error);
    
 
    Load deployment list, bootversion, and subbootversion from the
 rootfs self
 .
    
@@ -434,18 +450,18 @@ rootfs self
 
    
 
    
 
    ostree_sysroot_load_if_changed ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_load_if_changed (OstreeSysroot *self,
-                                gboolean *out_changed,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                gboolean *out_changed,
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    
 
    
 
    
 
    ostree_sysroot_lock ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_lock (OstreeSysroot *self,
-                     GError **error);
    
+                     GError **error);
    
 
    Acquire an exclusive multi-process write lock for self
 .  This call
 blocks until the lock has been acquired.  The lock is not
@@ -479,15 +495,15 @@ be released if self
 
    
 
    
 
    ostree_sysroot_try_lock ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_try_lock (OstreeSysroot *self,
-                         gboolean *out_acquired,
-                         GError **error);
    
+                         gboolean *out_acquired,
+                         GError **error);
    
 
    Try to acquire an exclusive multi-process write lock for self
 .  If
 another process holds the lock, this function will return
 immediately, setting out_acquired
- to FALSE, and returning TRUE
+ to FALSE, and returning TRUE
 (and no error).
    
 
    Release the lock with ostree_sysroot_unlock().  The lock will also
 be released if self
@@ -525,9 +541,9 @@ be released if self
 
    ostree_sysroot_lock_async ()
    
 
    void
 ostree_sysroot_lock_async (OstreeSysroot *self,
-                           GCancellable *cancellable,
-                           GAsyncReadyCallback callback,
-                           gpointer user_data);
    
+                           GCancellable *cancellable,
+                           GAsyncReadyCallback callback,
+                           gpointer user_data);

    An asynchronous version of ostree_sysroot_lock().

    Parameters

    @@ -565,10 +581,10 @@ ostree_sysroot_lock_async (

    ostree_sysroot_lock_finish ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_lock_finish (OstreeSysroot *self,
-                            GAsyncResult *result,
-                            GError **error);
    
+                            GAsyncResult *result,
+                            GError **error);

    Call when ostree_sysroot_lock_async() is ready.

    Parameters

    @@ -680,10 +696,10 @@ calling this function.

    ostree_sysroot_ensure_initialized ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_ensure_initialized (OstreeSysroot *self,
-                                   GCancellable *cancellable,
-                                   GError **error);
    
+                                   GCancellable *cancellable,
+                                   GError **error);

    Ensure that self is set up as a valid rootfs, by creating /ostree/repo, among other things.

    @@ -730,7 +746,7 @@ ostree_sysroot_get_subbootversion (

    ostree_sysroot_get_deployments ()

    -
    GPtrArray *
+
    GPtrArray *
 ostree_sysroot_get_deployments (OstreeSysroot *self);
    
 
    
 
    Parameters
    
@@ -775,14 +791,14 @@ ostree_sysroot_get_booted_deployment (
 
    Returns
    
-
     The currently booted deployment, or NULL if none. 
    
+
     The currently booted deployment, or NULL if none. 
    
 
    [transfer none]

    ostree_sysroot_get_deployment_directory ()

    -
    GFile *
+
    GFile *
 ostree_sysroot_get_deployment_directory
                                (OstreeSysroot *self,
                                 OstreeDeployment *deployment);
    
@@ -854,9 +870,9 @@ or concatenate it with the full 
 
    ostree_sysroot_get_deployment_origin_path ()
    
-
    GFile *
+
    GFile *
 ostree_sysroot_get_deployment_origin_path
-                               (GFile *deployment_path);
    
+                               (GFile *deployment_path);
    
 
    
 
    Parameters
    
 
    
@@ -881,10 +897,10 @@ ostree_sysroot_get_deployment_origin_path
 
    
 
    ostree_sysroot_cleanup ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_cleanup (OstreeSysroot *self,
-                        GCancellable *cancellable,
-                        GError **error);
    
+                        GCancellable *cancellable,
+                        GError **error);
    
 
    Delete any state that resulted from a partially completed
 transaction, such as incomplete deployments.
    
 
    
@@ -918,10 +934,10 @@ transaction, such as incomplete deployments.
    
 
    
 
    
 
    ostree_sysroot_prepare_cleanup ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_prepare_cleanup (OstreeSysroot *self,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    Like ostree_sysroot_cleanup() in that it cleans up incomplete deployments
 and old boot versions, but does NOT prune the repository.
    
 
    
@@ -954,12 +970,42 @@ and old boot versions, but does NOT prune the repository.
    
 
    
 
    
 
    
+
    ostree_sysroot_repo ()
    
+
    OstreeRepo *
+ostree_sysroot_repo (OstreeSysroot *self);
    
+
    This function is a variant of ostree_sysroot_get_repo() that cannot fail, and
+returns a cached repository. Can only be called after ostree_sysroot_load()
+has been invoked successfully.
    
+
    
+
    Parameters
    
+
    
 
    
+++++
+
+
+
+
+
+
    




    self
    Sysroot
    		 
    
+
    
+
    
+
    Returns
    
+
     The OSTree repository in sysroot self
+. 
    
+
    [transfer none]
    
+
    
+
    +
    +

    ostree_sysroot_get_repo ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_get_repo (OstreeSysroot *self,
                          OstreeRepo **out_repo,
-                         GCancellable *cancellable,
-                         GError **error);
    
+                         GCancellable *cancellable,
+                         GError **error);

    Retrieve the OSTree repository in sysroot self .

    @@ -999,11 +1045,11 @@ ostree_sysroot_get_repo (

    ostree_sysroot_init_osname ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_init_osname (OstreeSysroot *self,
                             const char *osname,
-                            GCancellable *cancellable,
-                            GError **error);
    
+                            GCancellable *cancellable,
+                            GError **error);

    Initialize the directory structure for an "osname", which is a group of operating system deployments, with a shared /var. One is required for generating a deployment.

    @@ -1043,12 +1089,12 @@ is required for generating a deployment.

    ostree_sysroot_deployment_set_kargs ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_deployment_set_kargs (OstreeSysroot *self,
                                      OstreeDeployment *deployment,
                                      char **new_kargs,
-                                     GCancellable *cancellable,
-                                     GError **error);
    
+                                     GCancellable *cancellable,
+                                     GError **error);

    Entirely replace the kernel arguments of deployment with the values in new_kargs @@ -1094,12 +1140,12 @@ values in new_kargs

    ostree_sysroot_deployment_set_mutable ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_deployment_set_mutable (OstreeSysroot *self,
                                        OstreeDeployment *deployment,
-                                       gboolean is_mutable,
-                                       GCancellable *cancellable,
-                                       GError **error);
    
+                                       gboolean is_mutable,
+                                       GCancellable *cancellable,
+                                       GError **error);

    By default, deployment directories are not mutable. This function will allow making them temporarily mutable, for example to allow layering additional non-OSTree content.

    @@ -1144,12 +1190,12 @@ layering additional non-OSTree content.

    ostree_sysroot_deployment_unlock ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_deployment_unlock (OstreeSysroot *self,
                                   OstreeDeployment *deployment,
                                   OstreeDeploymentUnlockedState unlocked_state,
-                                  GCancellable *cancellable,
-                                  GError **error);
    
+                                  GCancellable *cancellable,
+                                  GError **error);

    Configure the target deployment deployment such that it is writable. There are multiple modes, essentially differing @@ -1197,11 +1243,11 @@ across reboots.

    ostree_sysroot_write_deployments ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_write_deployments (OstreeSysroot *self,
-                                  GPtrArray *new_deployments,
-                                  GCancellable *cancellable,
-                                  GError **error);
    
+                                  GPtrArray *new_deployments,
+                                  GCancellable *cancellable,
+                                  GError **error);

    Older version of ostree_sysroot_write_deployments_with_options(). This version will perform post-deployment cleanup by default.

    @@ -1240,13 +1286,13 @@ version will perform post-deployment cleanup by default.

    ostree_sysroot_write_deployments_with_options ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_write_deployments_with_options
                                (OstreeSysroot *self,
-                                GPtrArray *new_deployments,
+                                GPtrArray *new_deployments,
                                 OstreeSysrootWriteDeploymentsOpts *opts,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GCancellable *cancellable,
+                                GError **error);

    Assuming new_deployments have already been deployed in place on disk via ostree_sysroot_deploy_tree(), atomically update bootloader configuration. By @@ -1296,17 +1342,17 @@ if for example you want to control pruning of the repository.

    ostree_sysroot_write_origin_file ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_write_origin_file (OstreeSysroot *sysroot,
                                   OstreeDeployment *deployment,
-                                  GKeyFile *new_origin,
-                                  GCancellable *cancellable,
-                                  GError **error);
    
+                                  GKeyFile *new_origin,
+                                  GCancellable *cancellable,
+                                  GError **error);

    Immediately replace the origin file of the referenced deployment with the contents of new_origin . If new_origin - is NULL, + is NULL, this function will write the current origin of deployment .

    @@ -1350,16 +1396,16 @@ this function will write the current origin of deplo

    ostree_sysroot_deploy_tree ()

    -
    gboolean
+
    gboolean
 ostree_sysroot_deploy_tree (OstreeSysroot *self,
                             const char *osname,
                             const char *revision,
-                            GKeyFile *origin,
+                            GKeyFile *origin,
                             OstreeDeployment *provided_merge_deployment,
                             char **override_kernel_argv,
                             OstreeDeployment **out_new_deployment,
-                            GCancellable *cancellable,
-                            GError **error);
    
+                            GCancellable *cancellable,
+                            GError **error);

    Check out deployment tree with revision revision , performing a 3 way merge with provided_merge_deployment @@ -1400,7 +1446,7 @@ way merge with provided_merge_deployment

    override_kernel_argv

    -

    Use these as kernel arguments; if NULL, inherit options from provided_merge_deployment.

    +

    Use these as kernel arguments; if NULL, inherit options from provided_merge_deployment.

    [allow-none][array zero-terminated=1][element-type utf8] @@ -1460,8 +1506,59 @@ the first one in the current deployment list which matches osname.

    +

    ostree_sysroot_query_deployments_for ()

    +
    void
+ostree_sysroot_query_deployments_for (OstreeSysroot *self,
+                                      const char *osname,
+                                      OstreeDeployment **out_pending,
+                                      OstreeDeployment **out_rollback);
    +

    Find the pending and rollback deployments for osname +. Pass NULL for osname + +to use the booted deployment's osname. By default, pending deployment is the +first deployment in the order that matches osname +, and rollback + will be the +next one after the booted deployment, or the deployment after the pending if +we're not looking at the booted deployment.

    +
    +

    Parameters

    +
    +++++ + + + + + + + + + + + + + + + + + + + + + + +

    self

    Sysroot

    		 

    osname

    "stateroot" name.

    		[allow-none]

    out_pending

    The pending deployment.

    		[out][allow-none][transfer full]

    out_rollback

    The rollback deployment.

    		[out][allow-none][transfer full]
    +
    +

    Since: 2017.7

    +
    +
    +

    ostree_sysroot_origin_new_from_refspec ()

    -
    GKeyFile *
+
    GKeyFile *
 ostree_sysroot_origin_new_from_refspec
                                (OstreeSysroot *self,
                                 const char *refspec);
    
@@ -1497,15 +1594,15 @@ as an origin. 
    
 
    
 
    
 
    ostree_sysroot_simple_write_deployment ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_simple_write_deployment
                                (OstreeSysroot *sysroot,
                                 const char *osname,
                                 OstreeDeployment *new_deployment,
                                 OstreeDeployment *merge_deployment,
                                 OstreeSysrootSimpleWriteDeploymentFlags flags,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    Prepend new_deployment
  to the list of deployments, commit, and
 cleanup.  By default, all other deployments for the given osname
@@ -1517,6 +1614,10 @@ specified, then all current deployments will be kept.
    
 
    If OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_NOT_DEFAULT is
 specified, then instead of prepending, the new deployment will be
 added right after the booted or merge deployment, instead of first.
    
+
    If OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_NO_CLEAN is
+specified, then no cleanup will be performed after adding the
+deployment. Make sure to call ostree_sysroot_cleanup() sometime
+later, instead.
    
 
    
 
    Parameters
    
 
    
diff --git a/apidoc/html/ostree-SELinux-policy-management.html b/apidoc/html/ostree-SELinux-policy-management.html
index c3989269..5c373ddd 100644
--- a/apidoc/html/ostree-SELinux-policy-management.html
+++ b/apidoc/html/ostree-SELinux-policy-management.html
@@ -57,7 +57,7 @@
 
    
 
    
 
-GFile *
+GFile *
 
 
 ostree_sepolicy_get_path ()
@@ -72,7 +72,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sepolicy_get_label ()
@@ -87,7 +87,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sepolicy_restorecon ()
@@ -95,7 +95,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sepolicy_setfscreatecon ()
@@ -141,9 +141,9 @@ root and perform labeling.
    
 
    
 
    ostree_sepolicy_new ()
    
 
    OstreeSePolicy *
-ostree_sepolicy_new (GFile *path,
-                     GCancellable *cancellable,
-                     GError **error);
    
+ostree_sepolicy_new (GFile *path,
+                     GCancellable *cancellable,
+                     GError **error);
 
    
 
    Parameters
    
 
    
@@ -183,8 +183,8 @@ ostree_sepolicy_new (GFile
 
    ostree_sepolicy_new_at ()
    
 
    OstreeSePolicy *
 ostree_sepolicy_new_at (int rootfs_dfd,
-                        GCancellable *cancellable,
-                        GError **error);
    
+                        GCancellable *cancellable,
+                        GError **error);
 
    
 
    Parameters
    
 
    
@@ -222,7 +222,7 @@ ostree_sepolicy_new_at (int
 
    
 
    ostree_sepolicy_get_path ()
    
-
    GFile *
+
    GFile *
 ostree_sepolicy_get_path (OstreeSePolicy *self);
    
 
    
 
    Returns
    
@@ -244,18 +244,18 @@ ostree_sepolicy_get_name (
 
    ostree_sepolicy_get_label ()
    
-
    gboolean
+
    gboolean
 ostree_sepolicy_get_label (OstreeSePolicy *self,
                            const char *relpath,
-                           guint32 unix_mode,
+                           guint32 unix_mode,
                            char **out_label,
-                           GCancellable *cancellable,
-                           GError **error);
    
+                           GCancellable *cancellable,
+                           GError **error);
    
 
    Store in out_label
  the security context for the given relpath
  and
 mode unix_mode
-.  If the policy does not specify a label, NULL
+.  If the policy does not specify a label, NULL
 will be returned.
    
 
    
 
    Parameters
    
@@ -314,15 +314,15 @@ ostree_sepolicy_get_csum (
 
    ostree_sepolicy_restorecon ()
    
-
    gboolean
+
    gboolean
 ostree_sepolicy_restorecon (OstreeSePolicy *self,
                             const char *path,
-                            GFileInfo *info,
-                            GFile *target,
+                            GFileInfo *info,
+                            GFile *target,
                             OstreeSePolicyRestoreconFlags flags,
                             char **out_new_label,
-                            GCancellable *cancellable,
-                            GError **error);
    
+                            GCancellable *cancellable,
+                            GError **error);
    
 
    Reset the security context of target
  based on the SELinux policy.
    
 
    
@@ -361,7 +361,7 @@ ostree_sepolicy_restorecon (
    out_new_label
    
-
    
+
@@ -381,11 +381,11 @@ ostree_sepolicy_restorecon (
 
    ostree_sepolicy_setfscreatecon ()
    
-
    gboolean
+
    gboolean
 ostree_sepolicy_setfscreatecon (OstreeSePolicy *self,
                                 const char *path,
-                                guint32 mode,
-                                GError **error);
    
+                                guint32 mode,
+                                GError **error);
    
 
    
 
    Parameters
    
 
     New label, or NULL if unchanged. 
     New label, or NULL if unchanged. 
    		
 [allow-none][out]
 
    
 
    
diff --git a/apidoc/html/ostree-Simple-upgrade-class.html b/apidoc/html/ostree-Simple-upgrade-class.html
index f216d0ca..573e5da0 100644
--- a/apidoc/html/ostree-Simple-upgrade-class.html
+++ b/apidoc/html/ostree-Simple-upgrade-class.html
@@ -65,7 +65,7 @@
 
 
    
 
-GKeyFile *
+GKeyFile *
 
 
 ostree_sysroot_upgrader_get_origin ()
@@ -73,7 +73,7 @@
 
    
 
    
 
-GKeyFile *
+GKeyFile *
 
 
 ostree_sysroot_upgrader_dup_origin ()
@@ -81,7 +81,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sysroot_upgrader_set_origin ()
@@ -97,7 +97,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sysroot_upgrader_check_timestamps ()
@@ -105,7 +105,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sysroot_upgrader_pull ()
@@ -113,7 +113,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sysroot_upgrader_pull_one_dir ()
@@ -121,7 +121,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_sysroot_upgrader_deploy ()
@@ -164,8 +164,8 @@ operations.
    
 
    ostree_sysroot_upgrader_new ()
    
 
    OstreeSysrootUpgrader *
 ostree_sysroot_upgrader_new (OstreeSysroot *sysroot,
-                             GCancellable *cancellable,
-                             GError **error);
    
+                             GCancellable *cancellable,
+                             GError **error);
 
    
 
    Parameters
    
 
    
@@ -205,8 +205,8 @@ ostree_sysroot_upgrader_new (OstreeSysrootUpgrader *
 ostree_sysroot_upgrader_new_for_os (OstreeSysroot *sysroot,
                                     const char *osname,
-                                    GCancellable *cancellable,
-                                    GError **error);
+                                    GCancellable *cancellable,
+                                    GError **error);
 
    
 
    Parameters
    
 
    
@@ -253,8 +253,8 @@ ostree_sysroot_upgrader_new_for_os_with_flags
                                (OstreeSysroot *sysroot,
                                 const char *osname,
                                 OstreeSysrootUpgraderFlags flags,
-                                GCancellable *cancellable,
-                                GError **error);
+                                GCancellable *cancellable,
+                                GError **error);
 
    
 
    Parameters
    
 
    
@@ -301,7 +301,7 @@ ostree_sysroot_upgrader_new_for_os_with_flags
 
    
 
    
 
    ostree_sysroot_upgrader_get_origin ()
    
-
    GKeyFile *
+
    GKeyFile *
 ostree_sysroot_upgrader_get_origin (OstreeSysrootUpgrader *self);
    
 
    
 
    Parameters
    
@@ -320,14 +320,14 @@ ostree_sysroot_upgrader_get_origin (
 
    
 
    Returns
    
-
     The origin file, or NULL if unknown. 
    
+
     The origin file, or NULL if unknown. 
    
 
    [transfer none]
    
 
    
 
    
 
    
 
    
 
    ostree_sysroot_upgrader_dup_origin ()
    
-
    GKeyFile *
+
    GKeyFile *
 ostree_sysroot_upgrader_dup_origin (OstreeSysrootUpgrader *self);
    
 
    
 
    Parameters
    
@@ -346,18 +346,18 @@ ostree_sysroot_upgrader_dup_origin (
 
    
 
    Returns
    
-
     A copy of the origin file, or NULL if unknown. 
    
+
     A copy of the origin file, or NULL if unknown. 
    
 
    [transfer full]
    
 
    
 
    
 
    
 
    
 
    ostree_sysroot_upgrader_set_origin ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_upgrader_set_origin (OstreeSysrootUpgrader *self,
-                                    GKeyFile *origin,
-                                    GCancellable *cancellable,
-                                    GError **error);
    
+                                    GKeyFile *origin,
+                                    GCancellable *cancellable,
+                                    GError **error);
    
 
    Replace the origin with origin
 .
    
 
    
@@ -416,18 +416,18 @@ ostree_sysroot_upgrader_get_origin_description
 
    
 
    
 
    Returns
    
-
     A one-line descriptive summary of the origin, or NULL if unknown
    
+
     A one-line descriptive summary of the origin, or NULL if unknown
    
 
    
 
    
 
    
 
    
 
    ostree_sysroot_upgrader_check_timestamps ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_upgrader_check_timestamps
                                (OstreeRepo *repo,
                                 const char *from_rev,
                                 const char *to_rev,
-                                GError **error);
    
+                                GError **error);
    
 
    Check that the timestamp on to_rev
  is equal to or newer than
 from_rev
@@ -469,21 +469,21 @@ attackers which provide a client with an older commit.
    
 
    
 
    
 
    ostree_sysroot_upgrader_pull ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_upgrader_pull (OstreeSysrootUpgrader *self,
                               OstreeRepoPullFlags flags,
                               OstreeSysrootUpgraderPullFlags upgrader_flags,
                               OstreeAsyncProgress *progress,
-                              gboolean *out_changed,
-                              GCancellable *cancellable,
-                              GError **error);
    
+                              gboolean *out_changed,
+                              GCancellable *cancellable,
+                              GError **error);
    
 
    Perform a pull from the origin.  First check if the ref has
 changed, if so download the linked objects, and store the updated
 ref locally.  Then out_changed
- will be TRUE.
    
+ will be TRUE.
    
 
    If the origin remote is unchanged, out_changed
  will be set to
-FALSE.
    
+FALSE.
    
 
    
 
    Parameters
    
 
    
@@ -535,15 +535,15 @@ ref locally.  Then out_changed
 
    
 
    
 
    ostree_sysroot_upgrader_pull_one_dir ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_upgrader_pull_one_dir (OstreeSysrootUpgrader *self,
                                       const char *dir_to_pull,
                                       OstreeRepoPullFlags flags,
                                       OstreeSysrootUpgraderPullFlags upgrader_flags,
                                       OstreeAsyncProgress *progress,
-                                      gboolean *out_changed,
-                                      GCancellable *cancellable,
-                                      GError **error);
    
+                                      gboolean *out_changed,
+                                      GCancellable *cancellable,
+                                      GError **error);
    
 
    Like ostree_sysroot_upgrader_pull(), but allows retrieving just a
 subpath of the tree.  This can be used to download metadata files
 from inside the tree such as package databases.
    
@@ -603,10 +603,10 @@ from inside the tree such as package databases.
    
 
    
 
    
 
    ostree_sysroot_upgrader_deploy ()
    
-
    gboolean
+
    gboolean
 ostree_sysroot_upgrader_deploy (OstreeSysrootUpgrader *self,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    Write the new deployment to disk, perform a configuration merge
 with /etc, and update the bootloader configuration.
    
 
    
diff --git a/apidoc/html/ostree-ostree-bootconfig-parser.html b/apidoc/html/ostree-ostree-bootconfig-parser.html
index 476e0e45..27cad96e 100644
--- a/apidoc/html/ostree-ostree-bootconfig-parser.html
+++ b/apidoc/html/ostree-ostree-bootconfig-parser.html
@@ -57,7 +57,7 @@
 
 
    
 
-gboolean
+gboolean
 
 
 ostree_bootconfig_parser_parse ()
@@ -65,7 +65,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_bootconfig_parser_parse_at ()
@@ -73,7 +73,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_bootconfig_parser_write ()
@@ -81,7 +81,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_bootconfig_parser_write_at ()
@@ -158,21 +158,21 @@ ostree_bootconfig_parser_clone (
 
    
 
    ostree_bootconfig_parser_parse ()
    
-
    gboolean
+
    gboolean
 ostree_bootconfig_parser_parse (OstreeBootconfigParser *self,
-                                GFile *path,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GFile *path,
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    
 
    
 
    
 
    ostree_bootconfig_parser_parse_at ()
    
-
    gboolean
+
    gboolean
 ostree_bootconfig_parser_parse_at (OstreeBootconfigParser *self,
                                    int dfd,
                                    const char *path,
-                                   GCancellable *cancellable,
-                                   GError **error);
    
+                                   GCancellable *cancellable,
+                                   GError **error);
    
 
    Initialize a bootconfig from the given file.
    
 
    
 
    Parameters
    
@@ -215,21 +215,21 @@ ostree_bootconfig_parser_parse_at (
 
    
 
    ostree_bootconfig_parser_write ()
    
-
    gboolean
+
    gboolean
 ostree_bootconfig_parser_write (OstreeBootconfigParser *self,
-                                GFile *output,
-                                GCancellable *cancellable,
-                                GError **error);
    
+                                GFile *output,
+                                GCancellable *cancellable,
+                                GError **error);
    
 
    
 
    
 
    
 
    ostree_bootconfig_parser_write_at ()
    
-
    gboolean
+
    gboolean
 ostree_bootconfig_parser_write_at (OstreeBootconfigParser *self,
                                    int dfd,
                                    const char *path,
-                                   GCancellable *cancellable,
-                                   GError **error);
    
+                                   GCancellable *cancellable,
+                                   GError **error);
    
 
    
 
    
 
    
diff --git a/apidoc/html/ostree-ostree-chain-input-stream.html b/apidoc/html/ostree-ostree-chain-input-stream.html
index 495053c2..98706ac1 100644
--- a/apidoc/html/ostree-ostree-chain-input-stream.html
+++ b/apidoc/html/ostree-ostree-chain-input-stream.html
@@ -69,7 +69,7 @@
 
    
 
    ostree_chain_input_stream_new ()
    
 
    OstreeChainInputStream *
-ostree_chain_input_stream_new (GPtrArray *streams);
    
+ostree_chain_input_stream_new (GPtrArray *streams);
 
    
 
    
 
    
diff --git a/apidoc/html/ostree-ostree-checksum-input-stream.html b/apidoc/html/ostree-ostree-checksum-input-stream.html
index 89d2ab98..90d2b818 100644
--- a/apidoc/html/ostree-ostree-checksum-input-stream.html
+++ b/apidoc/html/ostree-ostree-checksum-input-stream.html
@@ -69,8 +69,8 @@
 
    
 
    ostree_checksum_input_stream_new ()
    
 
    OstreeChecksumInputStream *
-ostree_checksum_input_stream_new (GInputStream *stream,
-                                  GChecksum *checksum);
    
+ostree_checksum_input_stream_new (GInputStream *stream,
+                                  GChecksum *checksum);
 
    
 
    
 
    
diff --git a/apidoc/html/ostree-ostree-deployment.html b/apidoc/html/ostree-ostree-deployment.html
index d276aaef..fbd7e98e 100644
--- a/apidoc/html/ostree-ostree-deployment.html
+++ b/apidoc/html/ostree-ostree-deployment.html
@@ -41,7 +41,7 @@
 
    
 
    
 
-guint
+guint
 
 
 ostree_deployment_hash ()
@@ -49,7 +49,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_deployment_equal ()
@@ -118,7 +118,7 @@
 
    
 
    
 
-GKeyFile *
+GKeyFile *
 
 
 ostree_deployment_get_origin ()
@@ -210,15 +210,15 @@
 
    Functions
    
 
    
 
    ostree_deployment_hash ()
    
-
    guint
-ostree_deployment_hash (gconstpointer v);
    
+
    guint
+ostree_deployment_hash (gconstpointer v);
    
 
    
 
    
 
    
 
    ostree_deployment_equal ()
    
-
    gboolean
-ostree_deployment_equal (gconstpointer ap,
-                         gconstpointer bp);
    
+
    gboolean
+ostree_deployment_equal (gconstpointer ap,
+                         gconstpointer bp);
    
 
    
 
    Parameters
    
 
    
@@ -243,7 +243,7 @@ ostree_deployment_equal (gconstpo
 
 
    
 
    Returns
    
-
     TRUE if deployments have the same osname, csum, and deployserial
    
+
     TRUE if deployments have the same osname, csum, and deployserial
    
 
    
 
 
    
@@ -322,7 +322,7 @@ ostree_deployment_get_bootconfig (
 
    
 
    ostree_deployment_get_origin ()
    
-
    GKeyFile *
+
    GKeyFile *
 ostree_deployment_get_origin (OstreeDeployment *self);
    
 
    
 
    Parameters
    
@@ -406,7 +406,7 @@ ostree_deployment_set_bootconfig (
    ostree_deployment_set_origin ()
    
 
    void
 ostree_deployment_set_origin (OstreeDeployment *self,
-                              GKeyFile *origin);
    
+                              GKeyFile *origin);
    
 
    
 
    
 
    
@@ -506,7 +506,7 @@ ostree_deployment_unlocked_state_to_string
 
    
-
+
diff --git a/apidoc/html/ostree-ostree-diff.html b/apidoc/html/ostree-ostree-diff.html
index ca5dad0a..23715f57 100644
--- a/apidoc/html/ostree-ostree-diff.html
+++ b/apidoc/html/ostree-ostree-diff.html
@@ -57,7 +57,7 @@
 
 
-
+
@@ -192,16 +192,16 @@ sets of 
 
    ostree_diff_dirs_with_options ()
    
-
    gboolean
+
    gboolean
 ostree_diff_dirs_with_options (OstreeDiffFlags flags,
-                               GFile *a,
-                               GFile *b,
-                               GPtrArray *modified,
-                               GPtrArray *removed,
-                               GPtrArray *added,
+                               GFile *a,
+                               GFile *b,
+                               GPtrArray *modified,
+                               GPtrArray *removed,
+                               GPtrArray *added,
                                OstreeDiffDirsOptions *options,
-                               GCancellable *cancellable,
-                               GError **error);
    
+                               GCancellable *cancellable,
+                               GError **error);
    
 
    Compute the difference between directory a
  and b
  as 3 separate
@@ -225,7 +225,7 @@ sets of 
    a
    
-    
+
@@ -271,11 +271,11 @@ sets of 
 
    ostree_diff_print ()
    
 
    void
-ostree_diff_print (GFile *a,
-                   GFile *b,
-                   GPtrArray *modified,
-                   GPtrArray *removed,
-                   GPtrArray *added);
    
+ostree_diff_print (GFile *a,
+                   GFile *b,
+                   GPtrArray *modified,
+                   GPtrArray *removed,
+                   GPtrArray *added);
 
    Print the contents of a diff to stdout.
    
 
    
 
    Parameters
    
diff --git a/apidoc/html/ostree-ostree-repo-file.html b/apidoc/html/ostree-ostree-repo-file.html
index 392f8bbd..95d140c9 100644
--- a/apidoc/html/ostree-ostree-repo-file.html
+++ b/apidoc/html/ostree-ostree-repo-file.html
@@ -40,7 +40,7 @@
 
     
 
    
 
    GKeyFile *origin;
    GKeyFile *origin;
    		
 
    How to construct an upgraded version of this tree
    		
  
 
    
 
-gboolean
+gboolean
 
 
 ostree_diff_dirs ()
@@ -65,7 +65,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_diff_dirs_with_options ()
@@ -120,15 +120,15 @@ ostree_diff_item_unref (
 
    ostree_diff_dirs ()
    
-
    gboolean
+
    gboolean
 ostree_diff_dirs (OstreeDiffFlags flags,
-                  GFile *a,
-                  GFile *b,
-                  GPtrArray *modified,
-                  GPtrArray *removed,
-                  GPtrArray *added,
-                  GCancellable *cancellable,
-                  GError **error);
    
+                  GFile *a,
+                  GFile *b,
+                  GPtrArray *modified,
+                  GPtrArray *removed,
+                  GPtrArray *added,
+                  GCancellable *cancellable,
+                  GError **error);
    
 
    Compute the difference between directory a
  and b
  as 3 separate
@@ -152,7 +152,7 @@ sets of 
    a
    First directory path, or NULL
    First directory path, or NULL
    		
  
 
    
 
    First directory path, or NULL
    First directory path, or NULL
    		
  
 
    
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_repo_file_ensure_resolved ()
@@ -48,7 +48,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_repo_file_get_xattrs ()
@@ -94,7 +94,7 @@
 
    
 
    
 
-GVariant *
+GVariant *
 
 
 ostree_repo_file_tree_get_contents ()
@@ -102,7 +102,7 @@
 
    
 
    
 
-GVariant *
+GVariant *
 
 
 ostree_repo_file_tree_get_metadata ()
@@ -125,7 +125,7 @@
 
    
 
    
 
-gboolean
+gboolean
 
 
 ostree_repo_file_tree_query_child ()
@@ -154,18 +154,18 @@
 
    Functions
    
 
    
 
    ostree_repo_file_ensure_resolved ()
    
-
    gboolean
+
    gboolean
 ostree_repo_file_ensure_resolved (OstreeRepoFile *self,
-                                  GError **error);
    
+                                  GError **error);
    
 
    
 
    
 
    
 
    ostree_repo_file_get_xattrs ()
    
-
    gboolean
+
    gboolean
 ostree_repo_file_get_xattrs (OstreeRepoFile *self,
-                             GVariant **out_xattrs,
-                             GCancellable *cancellable,
-                             GError **error);
    
+                             GVariant **out_xattrs,
+                             GCancellable *cancellable,
+                             GError **error);
    
 
    
 
    
 
    
@@ -195,7 +195,7 @@ ostree_repo_file_get_root (void
 ostree_repo_file_tree_set_metadata (OstreeRepoFile *self,
                                     const char *checksum,
-                                    GVariant *metadata);
+                                    GVariant *metadata);
 
    
 
    
 
    
@@ -214,13 +214,13 @@ ostree_repo_file_tree_get_metadata_checksum
 
    
 
    
 
    ostree_repo_file_tree_get_contents ()
    
-
    GVariant *
+
    GVariant *
 ostree_repo_file_tree_get_contents (OstreeRepoFile *self);
    
 
    
 
    
 
    
 
    ostree_repo_file_tree_get_metadata ()
    
-
    GVariant *
+
    GVariant *
 ostree_repo_file_tree_get_metadata (OstreeRepoFile *self);
    
 
    
 
    
@@ -235,20 +235,20 @@ ostree_repo_file_get_checksum (int
 ostree_repo_file_tree_find_child (OstreeRepoFile *self,
                                   const char *name,
-                                  gboolean *is_dir,
-                                  GVariant **out_container);
+                                  gboolean *is_dir,
+                                  GVariant **out_container);
 
    
 
    
 
    
 
    ostree_repo_file_tree_query_child ()
    
-
    gboolean
+
    gboolean
 ostree_repo_file_tree_query_child (OstreeRepoFile *self,
                                    int n,
                                    const char *attributes,
-                                   GFileQueryInfoFlags flags,
-                                   GFileInfo **out_info,
-                                   GCancellable *cancellable,
-                                   GError **error);
    
+                                   GFileQueryInfoFlags flags,
+                                   GFileInfo **out_info,
+                                   GCancellable *cancellable,
+                                   GError **error);
    
 
    
 
 
    
diff --git a/apidoc/html/ostree.devhelp2 b/apidoc/html/ostree.devhelp2
index 665a92b1..77df577a 100644
--- a/apidoc/html/ostree.devhelp2
+++ b/apidoc/html/ostree.devhelp2
@@ -68,7 +68,6 @@
     
     
     
-    
     
     
     
@@ -257,6 +256,7 @@
     
     
     
+    
     
     
     
@@ -267,6 +267,7 @@
     
     
     
+    
     
     
     
@@ -421,6 +422,7 @@
     
     
     
+    
     
     
     
diff --git a/apidoc/html/reference.html b/apidoc/html/reference.html
index c0365130..4e82bd93 100644
--- a/apidoc/html/reference.html
+++ b/apidoc/html/reference.html
@@ -475,10 +475,6 @@ OSTREE_CHECK_VERSION, macro in ostree-version
 
 
    
 
    
-OSTREE_MAX_RECURSION, macro in Core repository-independent functions
-
    
-
    
-
    
 ostree_metadata_variant_type, function in Core repository-independent functions
 
    
 
    
@@ -1391,6 +1387,14 @@ OSTREE_RELEASE_VERSION, macro in ostree-version
 
 
    
 
    
+ostree_sysroot_query_deployments_for, function in Root partition mount point
+
    
+
    
+
    
+ostree_sysroot_repo, function in Root partition mount point
+
    
+
    
+
    
 ostree_sysroot_simple_write_deployment, function in Root partition mount point
 
    
 
    
diff --git a/apidoc/ostree-experimental-sections.txt b/apidoc/ostree-experimental-sections.txt
index 790feb33..998a4f9c 100644
--- a/apidoc/ostree-experimental-sections.txt
+++ b/apidoc/ostree-experimental-sections.txt
@@ -3,4 +3,5 @@
 OstreeRemote
 ostree_remote_ref
 ostree_remote_unref
+ostree_remote_get_name
 
diff --git a/apidoc/ostree-sections.txt b/apidoc/ostree-sections.txt
index adc2dfd7..116c50e8 100644
--- a/apidoc/ostree-sections.txt
+++ b/apidoc/ostree-sections.txt
@@ -89,7 +89,6 @@ OSTREE_VERSION_HEX
 ostree-core
 OSTREE_MAX_METADATA_SIZE
 OSTREE_MAX_METADATA_WARN_SIZE
-OSTREE_MAX_RECURSION
 OstreeObjectType
 OSTREE_OBJECT_TYPE_IS_META
 OSTREE_OBJECT_TYPE_LAST
@@ -486,6 +485,7 @@ ostree_sysroot_get_deployment_dirpath
 ostree_sysroot_get_deployment_origin_path
 ostree_sysroot_cleanup
 ostree_sysroot_prepare_cleanup
+ostree_sysroot_repo
 ostree_sysroot_get_repo
 ostree_sysroot_init_osname
 ostree_sysroot_deployment_set_kargs
@@ -496,6 +496,7 @@ ostree_sysroot_write_deployments_with_options
 ostree_sysroot_write_origin_file
 ostree_sysroot_deploy_tree
 ostree_sysroot_get_merge_deployment
+ostree_sysroot_query_deployments_for
 ostree_sysroot_origin_new_from_refspec
 OstreeSysrootSimpleWriteDeploymentFlags
 ostree_sysroot_simple_write_deployment
diff --git a/apidoc/version.xml b/apidoc/version.xml
index f7cc504e..5c006737 100644
--- a/apidoc/version.xml
+++ b/apidoc/version.xml
@@ -1 +1 @@
-2017.6
\ No newline at end of file
+2017.7
\ No newline at end of file
diff --git a/buildutil/glib-tap.mk b/buildutil/glib-tap.mk
index ac4329bf..34b8f21e 100644
--- a/buildutil/glib-tap.mk
+++ b/buildutil/glib-tap.mk
@@ -1,6 +1,6 @@
 # GLIB - Library of useful C routines
 
-TESTS_ENVIRONMENT= \
+AM_TESTS_ENVIRONMENT= \
 	G_TEST_SRCDIR="$(abs_srcdir)" 		\
 	G_TEST_BUILDDIR="$(abs_builddir)" 	\
 	UNINSTALLEDTESTS=1                      \
diff --git a/configure b/configure
index c8350804..617905ca 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libostree 2017.6.
+# Generated by GNU Autoconf 2.69 for libostree 2017.7.
 #
 # Report bugs to .
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='libostree'
 PACKAGE_TARNAME='libostree'
-PACKAGE_VERSION='2017.6'
-PACKAGE_STRING='libostree 2017.6'
+PACKAGE_VERSION='2017.7'
+PACKAGE_STRING='libostree 2017.7'
 PACKAGE_BUGREPORT='walters@verbum.org'
 PACKAGE_URL=''
 
@@ -635,6 +635,8 @@ ac_subst_vars='am__EXEEXT_FALSE
 am__EXEEXT_TRUE
 LTLIBOBJS
 LIBOBJS
+BUILDOPT_IS_DEVEL_BUILD_FALSE
+BUILDOPT_IS_DEVEL_BUILD_TRUE
 ENABLE_EXPERIMENTAL_API_FALSE
 ENABLE_EXPERIMENTAL_API_TRUE
 BUILDOPT_GJS_FALSE
@@ -732,6 +734,8 @@ INTROSPECTION_COMPILER
 INTROSPECTION_SCANNER
 USE_CURL_OR_SOUP_FALSE
 USE_CURL_OR_SOUP_TRUE
+BUILDOPT_TRIVIAL_HTTPD_FALSE
+BUILDOPT_TRIVIAL_HTTPD_TRUE
 HAVE_LIBSOUP_CLIENT_CERTS_FALSE
 HAVE_LIBSOUP_CLIENT_CERTS_TRUE
 USE_LIBSOUP_FALSE
@@ -1522,7 +1526,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures libostree 2017.6 to adapt to many kinds of systems.
+\`configure' configures libostree 2017.7 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1592,7 +1596,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of libostree 2017.6:";;
+     short | recursive ) echo "Configuration of libostree 2017.7:";;
    esac
   cat <<\_ACEOF
 
@@ -1823,7 +1827,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-libostree configure 2017.6
+libostree configure 2017.7
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2238,7 +2242,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by libostree $as_me 2017.6, which was
+It was created by libostree $as_me 2017.7, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2586,6 +2590,7 @@ ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $
 ac_compiler_gnu=$ac_cv_c_compiler_gnu
 
 
+is_release_build=yes
 ac_config_headers="$ac_config_headers config.h"
 
 
@@ -3105,7 +3110,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='libostree'
- VERSION='2017.6'
+ VERSION='2017.7'
 
 
 # Some tools Automake needs.
@@ -5839,9 +5844,9 @@ test -n "$YACC" || YACC="yacc"
 
 YEAR_VERSION=2017
 
-RELEASE_VERSION=6
+RELEASE_VERSION=7
 
-PACKAGE_VERSION=2017.6
+PACKAGE_VERSION=2017.7
 
 
 
@@ -14889,7 +14894,15 @@ else
   enable_trivial_httpd_cmdline=no
 fi
 
-if test x$enable_trivial_httpd_cmdline = xyes; then :
+ if test x$enable_trivial_httpd_cmdline = xyes; then
+  BUILDOPT_TRIVIAL_HTTPD_TRUE=
+  BUILDOPT_TRIVIAL_HTTPD_FALSE='#'
+else
+  BUILDOPT_TRIVIAL_HTTPD_TRUE='#'
+  BUILDOPT_TRIVIAL_HTTPD_FALSE=
+fi
+
+if test -z "$BUILDOPT_TRIVIAL_HTTPD_TRUE"; then :
 
 $as_echo "#define BUILDOPT_ENABLE_TRIVIAL_HTTPD_CMDLINE 1" >>confdefs.h
 
@@ -17072,6 +17085,19 @@ else
   ENABLE_EXPERIMENTAL_API_FALSE=
 fi
 
+ if test x$is_release_build != xyes; then
+  BUILDOPT_IS_DEVEL_BUILD_TRUE=
+  BUILDOPT_IS_DEVEL_BUILD_FALSE='#'
+else
+  BUILDOPT_IS_DEVEL_BUILD_TRUE='#'
+  BUILDOPT_IS_DEVEL_BUILD_FALSE=
+fi
+
+if test -z "$BUILDOPT_IS_DEVEL_BUILD_TRUE"; then :
+  release_build_type=devel
+else
+  release_build_type=release
+fi
 
 ac_config_files="$ac_config_files Makefile apidoc/Makefile src/libostree/ostree-1.pc src/libostree/ostree-version.h"
 
@@ -17244,6 +17270,10 @@ if test -z "${HAVE_LIBSOUP_CLIENT_CERTS_TRUE}" && test -z "${HAVE_LIBSOUP_CLIENT
   as_fn_error $? "conditional \"HAVE_LIBSOUP_CLIENT_CERTS\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
+if test -z "${BUILDOPT_TRIVIAL_HTTPD_TRUE}" && test -z "${BUILDOPT_TRIVIAL_HTTPD_FALSE}"; then
+  as_fn_error $? "conditional \"BUILDOPT_TRIVIAL_HTTPD\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
 if test -z "${USE_CURL_OR_SOUP_TRUE}" && test -z "${USE_CURL_OR_SOUP_FALSE}"; then
   as_fn_error $? "conditional \"USE_CURL_OR_SOUP\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
@@ -17356,6 +17386,10 @@ if test -z "${ENABLE_EXPERIMENTAL_API_TRUE}" && test -z "${ENABLE_EXPERIMENTAL_A
   as_fn_error $? "conditional \"ENABLE_EXPERIMENTAL_API\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
+if test -z "${BUILDOPT_IS_DEVEL_BUILD_TRUE}" && test -z "${BUILDOPT_IS_DEVEL_BUILD_FALSE}"; then
+  as_fn_error $? "conditional \"BUILDOPT_IS_DEVEL_BUILD\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
 
 : "${CONFIG_STATUS=./config.status}"
 ac_write_fail=0
@@ -17753,7 +17787,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by libostree $as_me 2017.6, which was
+This file was extended by libostree $as_me 2017.7, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -17819,7 +17853,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-libostree config.status 2017.6
+libostree config.status 2017.7
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
@@ -19509,7 +19543,7 @@ fi
 
 
 echo "
-    libOSTree $VERSION
+    libOSTree $VERSION ($release_build_type)
     ===============
 
 
diff --git a/configure.ac b/configure.ac
index a6abee85..7946f4fd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,10 +1,13 @@
 AC_PREREQ([2.63])
-dnl If incrementing the version here, remember to update libostree.sym too
+dnl If doing a final release, remember to follow the instructions to
+dnl update libostree-released.sym from libostree-devel.sym, and update the checksum
+dnl in test-symbols.sh, and also set is_release_build=yes below.  Then make
+dnl another post-release commit to bump the version, and set is_release_build=no.
 m4_define([year_version], [2017])
-m4_define([release_version], [6])
+m4_define([release_version], [7])
 m4_define([package_version], [year_version.release_version])
-
 AC_INIT([libostree], [package_version], [walters@verbum.org])
+is_release_build=yes
 AC_CONFIG_HEADER([config.h])
 AC_CONFIG_MACRO_DIR([buildutil])
 AC_CONFIG_AUX_DIR([build-aux])
@@ -148,7 +151,8 @@ AC_ARG_ENABLE(trivial-httpd-cmdline,
   [AS_HELP_STRING([--enable-trivial-httpd-cmdline],
   [Continue to support "ostree trivial-httpd" [default=no]])],,
   enable_trivial_httpd_cmdline=no)
-AS_IF([test x$enable_trivial_httpd_cmdline = xyes],
+AM_CONDITIONAL(BUILDOPT_TRIVIAL_HTTPD, test x$enable_trivial_httpd_cmdline = xyes)
+AM_COND_IF(BUILDOPT_TRIVIAL_HTTPD,
   [AC_DEFINE([BUILDOPT_ENABLE_TRIVIAL_HTTPD_CMDLINE], 1, [Define if we are enabling ostree trivial-httpd entrypoint])]
 )
 
@@ -455,6 +459,8 @@ AS_IF([test x$enable_experimental_api = xyes],
    OSTREE_FEATURES="$OSTREE_FEATURES experimental"]
 )
 AM_CONDITIONAL([ENABLE_EXPERIMENTAL_API],[test x$enable_experimental_api = xyes])
+AM_CONDITIONAL([BUILDOPT_IS_DEVEL_BUILD],[test x$is_release_build != xyes])
+AM_COND_IF([BUILDOPT_IS_DEVEL_BUILD], release_build_type=devel, release_build_type=release)
 
 AC_CONFIG_FILES([
 Makefile
@@ -465,7 +471,7 @@ src/libostree/ostree-version.h
 AC_OUTPUT
 
 echo "
-    libOSTree $VERSION
+    libOSTree $VERSION ($release_build_type)
     ===============
 
 
diff --git a/man/ostree-admin-cleanup.1 b/man/ostree-admin-cleanup.1
index 50ba5195..d9ed4485 100644
--- a/man/ostree-admin-cleanup.1
+++ b/man/ostree-admin-cleanup.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin cleanup
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin cleanup
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-config-diff.1 b/man/ostree-admin-config-diff.1
index f3661b09..d225fc30 100644
--- a/man/ostree-admin-config-diff.1
+++ b/man/ostree-admin-config-diff.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin config-diff
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin config-diff
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-deploy.1 b/man/ostree-admin-deploy.1
index 0c07738e..4940abc7 100644
--- a/man/ostree-admin-deploy.1
+++ b/man/ostree-admin-deploy.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin deploy
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin deploy
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-init-fs.1 b/man/ostree-admin-init-fs.1
index fcb7302f..a297882c 100644
--- a/man/ostree-admin-init-fs.1
+++ b/man/ostree-admin-init-fs.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin init-fs
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin init-fs
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-instutil.1 b/man/ostree-admin-instutil.1
index cc0f52b7..e6ca5c83 100644
--- a/man/ostree-admin-instutil.1
+++ b/man/ostree-admin-instutil.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin instutil
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin instutil
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-os-init.1 b/man/ostree-admin-os-init.1
index 4f2f7cbe..071ba7b7 100644
--- a/man/ostree-admin-os-init.1
+++ b/man/ostree-admin-os-init.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin os-init
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin os-init
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-set-origin.1 b/man/ostree-admin-set-origin.1
index 33d6720f..c198370e 100644
--- a/man/ostree-admin-set-origin.1
+++ b/man/ostree-admin-set-origin.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin set-origin
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin set-origin
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-status.1 b/man/ostree-admin-status.1
index 9ac88f20..7f53c64b 100644
--- a/man/ostree-admin-status.1
+++ b/man/ostree-admin-status.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin status
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin status
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-switch.1 b/man/ostree-admin-switch.1
index f7761162..8ba9f9a3 100644
--- a/man/ostree-admin-switch.1
+++ b/man/ostree-admin-switch.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin switch
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin switch
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-undeploy.1 b/man/ostree-admin-undeploy.1
index 5a0253f2..e3fbde2f 100644
--- a/man/ostree-admin-undeploy.1
+++ b/man/ostree-admin-undeploy.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin undeploy
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin undeploy
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-unlock.1 b/man/ostree-admin-unlock.1
index 141656c5..00aa50a8 100644
--- a/man/ostree-admin-unlock.1
+++ b/man/ostree-admin-unlock.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin unlock
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin unlock
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin-upgrade.1 b/man/ostree-admin-upgrade.1
index 50734f26..b38fbb4b 100644
--- a/man/ostree-admin-upgrade.1
+++ b/man/ostree-admin-upgrade.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin upgrade
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin upgrade
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-admin.1 b/man/ostree-admin.1
index 4f149829..08b208b8 100644
--- a/man/ostree-admin.1
+++ b/man/ostree-admin.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree admin
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree admin
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-cat.1 b/man/ostree-cat.1
index c771a90a..30682883 100644
--- a/man/ostree-cat.1
+++ b/man/ostree-cat.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree cat
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree cat
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-checkout.1 b/man/ostree-checkout.1
index 44dc90a8..9ebe63a8 100644
--- a/man/ostree-checkout.1
+++ b/man/ostree-checkout.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree checkout
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree checkout
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-checksum.1 b/man/ostree-checksum.1
index fa8abeaf..fdc8f435 100644
--- a/man/ostree-checksum.1
+++ b/man/ostree-checksum.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree checksum
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree checksum
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-commit.1 b/man/ostree-commit.1
index 0bc038db..10518ead 100644
--- a/man/ostree-commit.1
+++ b/man/ostree-commit.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree commit
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree commit
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-config.1 b/man/ostree-config.1
index 9e927d46..d12f72a2 100644
--- a/man/ostree-config.1
+++ b/man/ostree-config.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree config
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree config
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-diff.1 b/man/ostree-diff.1
index abbb8b80..c0b5b895 100644
--- a/man/ostree-diff.1
+++ b/man/ostree-diff.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree diff
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree diff
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-export.1 b/man/ostree-export.1
index f40c257e..79384e65 100644
--- a/man/ostree-export.1
+++ b/man/ostree-export.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree export
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree export
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-fsck.1 b/man/ostree-fsck.1
index 6ee29ddd..febe37ff 100644
--- a/man/ostree-fsck.1
+++ b/man/ostree-fsck.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree fsck
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree fsck
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-gpg-sign.1 b/man/ostree-gpg-sign.1
index 621af5cb..0e6601fd 100644
--- a/man/ostree-gpg-sign.1
+++ b/man/ostree-gpg-sign.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree gpg-sign
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree gpg-sign
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-init.1 b/man/ostree-init.1
index 8a33ac92..5d4a9f12 100644
--- a/man/ostree-init.1
+++ b/man/ostree-init.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree init
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree init
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-log.1 b/man/ostree-log.1
index 5dee34cd..f085e242 100644
--- a/man/ostree-log.1
+++ b/man/ostree-log.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree log
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree log
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-ls.1 b/man/ostree-ls.1
index aefbb97c..1c40c990 100644
--- a/man/ostree-ls.1
+++ b/man/ostree-ls.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree ls
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree ls
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-prune.1 b/man/ostree-prune.1
index 30a42239..c25f23ce 100644
--- a/man/ostree-prune.1
+++ b/man/ostree-prune.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree prune
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree prune
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-pull-local.1 b/man/ostree-pull-local.1
index 9abae9a9..c6124196 100644
--- a/man/ostree-pull-local.1
+++ b/man/ostree-pull-local.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree pull-local
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree pull-local
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-pull.1 b/man/ostree-pull.1
index ff57eb3c..f0ad3ba5 100644
--- a/man/ostree-pull.1
+++ b/man/ostree-pull.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree pull
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree pull
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-refs.1 b/man/ostree-refs.1
index 7898ba25..665c3837 100644
--- a/man/ostree-refs.1
+++ b/man/ostree-refs.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree refs
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree refs
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-remote.1 b/man/ostree-remote.1
index eb9cbd55..c0fed9e1 100644
--- a/man/ostree-remote.1
+++ b/man/ostree-remote.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree remote
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree remote
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-reset.1 b/man/ostree-reset.1
index b2ce450b..04f8db1a 100644
--- a/man/ostree-reset.1
+++ b/man/ostree-reset.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree reset
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree reset
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-rev-parse.1 b/man/ostree-rev-parse.1
index 78af805b..4b0984aa 100644
--- a/man/ostree-rev-parse.1
+++ b/man/ostree-rev-parse.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree rev-parse
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree rev-parse
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-show.1 b/man/ostree-show.1
index ef36f4a2..5fdd55d5 100644
--- a/man/ostree-show.1
+++ b/man/ostree-show.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree show
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree show
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-static-delta.1 b/man/ostree-static-delta.1
index 660983ff..6a8a3215 100644
--- a/man/ostree-static-delta.1
+++ b/man/ostree-static-delta.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree static-delta
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree static-delta
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-summary.1 b/man/ostree-summary.1
index 6f2b1622..0bd1252e 100644
--- a/man/ostree-summary.1
+++ b/man/ostree-summary.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree summary
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree summary
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree-trivial-httpd.1 b/man/ostree-trivial-httpd.1
deleted file mode 100644
index 9a021cc9..00000000
--- a/man/ostree-trivial-httpd.1
+++ /dev/null
@@ -1,66 +0,0 @@
-'\" t
-.\"     Title: ostree trivial-httpd
-.\"    Author: Colin Walters 
-.\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
-.\"    Manual: ostree trivial-httpd
-.\"    Source: OSTree
-.\"  Language: English
-.\"
-.TH "OSTREE TRIVIAL\-HTTP" "1" "" "OSTree" "ostree trivial-httpd"
-.\" -----------------------------------------------------------------
-.\" * Define some portability stuff
-.\" -----------------------------------------------------------------
-.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.\" http://bugs.debian.org/507673
-.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
-.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-.ie \n(.g .ds Aq \(aq
-.el       .ds Aq '
-.\" -----------------------------------------------------------------
-.\" * set default formatting
-.\" -----------------------------------------------------------------
-.\" disable hyphenation
-.nh
-.\" disable justification (adjust text to left margin only)
-.ad l
-.\" -----------------------------------------------------------------
-.\" * MAIN CONTENT STARTS HERE *
-.\" -----------------------------------------------------------------
-.SH "NAME"
-ostree-trivial-httpd \- Simple webserver
-.SH "SYNOPSIS"
-.HP \w'\fBostree\ trivial\-httpd\fR\ 'u
-\fBostree trivial\-httpd\fR [OPTIONS...] [DIR]
-.SH "DESCRIPTION"
-.PP
-This runs a simple webserver and keeps it running until killed\&. If DIR is not specified, it defaults to the current directory\&.
-.SH "OPTIONS"
-.PP
-\fB\-\-daemonize\fR,\fB\-d\fR
-.RS 4
-Fork into background when ready\&.
-.RE
-.PP
-\fB\-\-autoexit\fR
-.RS 4
-Automatically exit when directory is deleted\&.
-.RE
-.PP
-\fB\-\-port\-file\fR,\fB\-p\fR="PATH"
-.RS 4
-Write port number to PATH (\- for standard output)\&.
-.RE
-.PP
-\fB\-\-port\fR,\fB\-P\fR
-.RS 4
-Use the specified TCP port to listen on\&.
-.RE
-.PP
-\fB\-\-force\-range\-requests\fR
-.RS 4
-Force range requests by only serving half of files\&.
-.RE
-.SH "EXAMPLE"
-.PP
-\fB$ ostree trivial\-httpd\fR
diff --git a/man/ostree-trivial-httpd.xml b/man/ostree-trivial-httpd.xml
deleted file mode 100644
index 2b846858..00000000
--- a/man/ostree-trivial-httpd.xml
+++ /dev/null
@@ -1,116 +0,0 @@
- 
-
-
-
-
-
-
-    
-        ostree trivial-httpd
-        OSTree
-
-        
-            
-                Developer
-                Colin
-                Walters
-                walters@verbum.org
-            
-        
-    
-
-    
-        ostree trivial-httpd
-        1
-    
-
-    
-        ostree-trivial-httpd
-        Simple webserver
-    
-
-    
-            
-                ostree trivial-httpd OPTIONS DIR
-            
-    
-
-
-    
-        Description
-
-        
-            This runs a simple webserver and keeps it running until killed.  If DIR is not specified, it defaults to the current directory.
-        
-    
-
-    
-        Options
-
-        
-            
-                ,
-
-                
-                    Fork into background when ready.
-                
-            
-
-            
-                
-
-                
-                    Automatically exit when directory is deleted.
-                
-            
-
-            
-                ,="PATH"
-
-                
-                    Write port number to PATH (- for standard output).
-                
-            
-
-            
-                ,
-
-                
-                    Use the specified TCP port to listen on.
-                
-            
-
-            
-                
-
-                
-                    Force range requests by only serving half of files.
-                
-            
-        
-    
-
-
-    
-        Example
-        $ ostree trivial-httpd
-    
-
diff --git a/man/ostree.1 b/man/ostree.1
index 58434378..413926aa 100644
--- a/man/ostree.1
+++ b/man/ostree.1
@@ -2,7 +2,7 @@
 .\"     Title: ostree
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree.repo-config.5 b/man/ostree.repo-config.5
index de7302a3..39f0b09b 100644
--- a/man/ostree.repo-config.5
+++ b/man/ostree.repo-config.5
@@ -2,7 +2,7 @@
 .\"     Title: ostree.repo-config
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree.repo-config
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/ostree.repo.5 b/man/ostree.repo.5
index 07f0d904..ff7ef223 100644
--- a/man/ostree.repo.5
+++ b/man/ostree.repo.5
@@ -2,7 +2,7 @@
 .\"     Title: ostree.repo
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: ostree.repo
 .\"    Source: OSTree
 .\"  Language: English
diff --git a/man/rofiles-fuse.1 b/man/rofiles-fuse.1
index 59591a05..1b498f70 100644
--- a/man/rofiles-fuse.1
+++ b/man/rofiles-fuse.1
@@ -2,7 +2,7 @@
 .\"     Title: rofiles-fuse
 .\"    Author: Colin Walters 
 .\" Generator: DocBook XSL Stylesheets v1.79.1 
-.\"      Date: 05/17/2017
+.\"      Date: 06/19/2017
 .\"    Manual: rofiles-fuse
 .\"    Source: rofiles-fuse
 .\"  Language: English
diff --git a/src/libostree/libostree-experimental.sym b/src/libostree/libostree-experimental.sym
deleted file mode 100644
index e2ab4ea8..00000000
--- a/src/libostree/libostree-experimental.sym
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright © 2017 Endless Mobile, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Authors:
- *  - Philip Withnall 
- */
-
-/* Symbols in this file are added to the build if OSTree is configured with
- * --enable-experimental-api. They are not stable or officially supported, and
- * might disappear or change in future releases. */
-
-LIBOSTREE_2017.6_EXPERIMENTAL {
-global:
-  ostree_remote_ref;
-  ostree_remote_unref;
-} LIBOSTREE_2017.6;
diff --git a/src/libostree/libostree.sym b/src/libostree/libostree-released.sym
similarity index 95%
rename from src/libostree/libostree.sym
rename to src/libostree/libostree-released.sym
index e2a7c3d9..5fc8a9b1 100644
--- a/src/libostree/libostree.sym
+++ b/src/libostree/libostree-released.sym
@@ -1,4 +1,6 @@
-/***
+/* Released symbol file: DO NOT EDIT except in release commits!
+   Edit libostree-devel.sym instead.
+
   Copyright (C) 2016 Colin Walters 
  
   This library is free software; you can redistribute it and/or
@@ -17,6 +19,9 @@
   Boston, MA 02111-1307, USA.
 ***/
 
+/* DO NOT EDIT this file - use libostree-devel.sym instead.  Release
+ * commits will move symbols from libostree-devel.sym to libostree-released.sym.
+ */
 
 /*
  Retroactively make all of these symbols 2016.3, which is
@@ -397,24 +402,12 @@ global:
   ostree_async_progress_set_variant;
 } LIBOSTREE_2017.4;
 
-/*                         NOTE NOTE NOTE
- * Versions above here are released.  Only add symbols below this line.
- *                         NOTE NOTE NOTE
- */
-
-/*
-LIBOSTREE_2017.$NEWVERSION {
+LIBOSTREE_2017.7 {
 global:
-	someostree_symbol_deleteme;
+  ostree_sysroot_repo;
+  ostree_sysroot_query_deployments_for;
 } LIBOSTREE_2017.6;
-*/
 
-/* Stub section for the stable release *after* this development one; don't
- * edit this other than to update the last number.  This is just a copy/paste
- * source.  Replace $LASTSTABLE with the last stable version, and $NEWVERSION
- * with whatever the next version with new symbols will be.
-LIBOSTREE_2017.$NEWVERSION {
-global:
-	someostree_symbol_deleteme;
-} LIBOSTREE_2017.$LASTSTABLE;
-*/
+/* NOTE: Only add more content here in release commits!  See the
+ * comments at the top of this file.
+ */
diff --git a/src/libostree/ostree-core.c b/src/libostree/ostree-core.c
index 7d2ed3c6..54e01bcb 100644
--- a/src/libostree/ostree-core.c
+++ b/src/libostree/ostree-core.c
@@ -1763,16 +1763,12 @@ validate_variant (GVariant           *variant,
 {
   if (!g_variant_is_normal_form (variant))
     {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                           "Not normal form");
-      return FALSE;
+      return glnx_throw (error, "%s", "Not normal form");
     }
   if (!g_variant_is_of_type (variant, variant_type))
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Doesn't match variant type '%s'",
-                   (char*)variant_type);
-      return FALSE;
+      return glnx_throw (error, "Doesn't match variant type '%s'",
+                        (char *)variant_type);
     }
   return TRUE;
 }
diff --git a/src/libostree/ostree-core.h b/src/libostree/ostree-core.h
index c530cea3..c1e014e2 100644
--- a/src/libostree/ostree-core.h
+++ b/src/libostree/ostree-core.h
@@ -44,13 +44,6 @@ G_BEGIN_DECLS
  */
 #define OSTREE_MAX_METADATA_WARN_SIZE (7 * 1024 * 1024)
 
-/**
- * OSTREE_MAX_RECURSION:
- * 
- * Maximum depth of metadata.
- */
-#define OSTREE_MAX_RECURSION (256)
-
 /**
  * OSTREE_SHA256_DIGEST_LEN:
  *
diff --git a/src/libostree/ostree-fetcher-curl.c b/src/libostree/ostree-fetcher-curl.c
index f6893fd0..f483a6bb 100644
--- a/src/libostree/ostree-fetcher-curl.c
+++ b/src/libostree/ostree-fetcher-curl.c
@@ -99,8 +99,7 @@ struct FetcherRequest {
   OstreeFetcherRequestFlags flags;
   gboolean is_membuf;
   GError *caught_write_error;
-  char *out_tmpfile;
-  int out_tmpfile_fd;
+  OtTmpfile tmpf;
   GString *output_buf;
 
   CURL *easy;
@@ -269,12 +268,11 @@ request_get_uri (FetcherRequest *req, guint idx)
 static gboolean
 ensure_tmpfile (FetcherRequest *req, GError **error)
 {
-  if (req->out_tmpfile_fd == -1)
+  if (!req->tmpf.initialized)
     {
-      if (!glnx_open_tmpfile_linkable_at (req->fetcher->tmpdir_dfd, ".",
-                                          O_WRONLY | O_CLOEXEC, &req->out_tmpfile_fd,
-                                          &req->out_tmpfile,
-                                          error))
+      if (!ot_open_tmpfile_linkable_at (req->fetcher->tmpdir_dfd, ".",
+                                        O_WRONLY | O_CLOEXEC, &req->tmpf,
+                                        error))
         return FALSE;
     }
   return TRUE;
@@ -387,18 +385,14 @@ check_multi_info (OstreeFetcher *fetcher)
                 {
                   g_task_return_error (task, g_steal_pointer (&local_error));
                 }
-              else if (fchmod (req->out_tmpfile_fd, 0644) < 0)
+              else if (fchmod (req->tmpf.fd, 0644) < 0)
                 {
                   glnx_set_error_from_errno (error);
                   g_task_return_error (task, g_steal_pointer (&local_error));
                 }
-              else if (!glnx_link_tmpfile_at (fetcher->tmpdir_dfd,
-                                         GLNX_LINK_TMPFILE_REPLACE,
-                                         req->out_tmpfile_fd,
-                                         req->out_tmpfile,
-                                         fetcher->tmpdir_dfd,
-                                         tmpfile_path,
-                                         error))
+              else if (!ot_link_tmpfile_at (&req->tmpf, GLNX_LINK_TMPFILE_REPLACE,
+                                            fetcher->tmpdir_dfd, tmpfile_path,
+                                            error))
                 g_task_return_error (task, g_steal_pointer (&local_error));
               else
                 {
@@ -586,8 +580,8 @@ write_cb (void *ptr, size_t size, size_t nmemb, void *data)
     {
       if (!ensure_tmpfile (req, &req->caught_write_error))
         return -1;
-     g_assert (req->out_tmpfile_fd >= 0);
-      if (glnx_loop_write (req->out_tmpfile_fd, ptr, realsize) < 0)
+      g_assert (req->tmpf.fd >= 0);
+      if (glnx_loop_write (req->tmpf.fd, ptr, realsize) < 0)
         {
           glnx_set_error_from_errno (&req->caught_write_error);
           return -1;
@@ -622,9 +616,7 @@ request_unref (FetcherRequest *req)
   g_ptr_array_unref (req->mirrorlist);
   g_free (req->filename);
   g_clear_error (&req->caught_write_error);
-  if (req->out_tmpfile_fd != -1)
-    (void) close (req->out_tmpfile_fd);
-  g_free (req->out_tmpfile);
+  ot_tmpfile_clear (&req->tmpf);
   if (req->output_buf)
     g_string_free (req->output_buf, TRUE);
   curl_easy_cleanup (req->easy);
@@ -770,6 +762,9 @@ initiate_next_curl_request (FetcherRequest *req,
       curl_easy_setopt (req->easy, CURLOPT_SSLKEY, self->tls_client_key_path);
     }
 
+  if ((self->config_flags & OSTREE_FETCHER_FLAGS_TRANSFER_GZIP) > 0)
+    curl_easy_setopt (req->easy, CURLOPT_ACCEPT_ENCODING, "");
+
   /* We should only speak HTTP; TODO: only enable file if specified */
   curl_easy_setopt (req->easy, CURLOPT_PROTOCOLS, (long)(CURLPROTO_HTTP | CURLPROTO_HTTPS | CURLPROTO_FILE));
   /* Picked the current version in F25 as of 20170127, since
@@ -847,7 +842,6 @@ _ostree_fetcher_request_async (OstreeFetcher         *self,
   /* We'll allocate the tmpfile on demand, so we handle
    * file I/O errors just in the write func.
    */
-  req->out_tmpfile_fd = -1;
   if (req->is_membuf)
     req->output_buf = g_string_new ("");
 
diff --git a/src/libostree/ostree-fetcher-soup.c b/src/libostree/ostree-fetcher-soup.c
index fdcbea52..1ca2e771 100644
--- a/src/libostree/ostree-fetcher-soup.c
+++ b/src/libostree/ostree-fetcher-soup.c
@@ -63,6 +63,7 @@ typedef struct {
 
   GVariant *extra_headers;
   int max_outstanding;
+  gboolean transfer_gzip;
 
   /* Our active HTTP requests */
   GHashTable *outstanding;
@@ -553,6 +554,9 @@ ostree_fetcher_session_thread (gpointer data)
                                                           SOUP_SESSION_IDLE_TIMEOUT, 60,
                                                           NULL);
 
+  if (closure->transfer_gzip)
+    soup_session_add_feature_by_type (closure->session, SOUP_TYPE_CONTENT_DECODER);
+
   /* XXX: Now that we have mirrorlist support, we could make this even smarter
    * by spreading requests across mirrors. */
   g_object_get (closure->session, "max-conns-per-host", &max_conns, NULL);
@@ -663,6 +667,7 @@ _ostree_fetcher_constructed (GObject *object)
   self->thread_closure->ref_count = 1;
   self->thread_closure->main_context = g_main_context_ref (main_context);
   self->thread_closure->running = 1;
+  self->thread_closure->transfer_gzip = (self->config_flags & OSTREE_FETCHER_FLAGS_TRANSFER_GZIP) != 0;
   self->thread_closure->tmpdir_dfd = -1;
   self->thread_closure->tmpdir_lock = empty_lockfile;
 
diff --git a/src/libostree/ostree-fetcher.h b/src/libostree/ostree-fetcher.h
index 78b29fae..8ec5f209 100644
--- a/src/libostree/ostree-fetcher.h
+++ b/src/libostree/ostree-fetcher.h
@@ -46,9 +46,12 @@ struct OstreeFetcherClass
   GObjectClass parent_class;
 };
 
+G_DEFINE_AUTOPTR_CLEANUP_FUNC(OstreeFetcher, g_object_unref)
+
 typedef enum {
   OSTREE_FETCHER_FLAGS_NONE = 0,
-  OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE = (1 << 0)
+  OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE = (1 << 0),
+  OSTREE_FETCHER_FLAGS_TRANSFER_GZIP = (1 << 1)
 } OstreeFetcherConfigFlags;
 
 void
diff --git a/src/libostree/ostree-gpg-verify-result.c b/src/libostree/ostree-gpg-verify-result.c
index cd709b7c..0277ce1e 100644
--- a/src/libostree/ostree-gpg-verify-result.c
+++ b/src/libostree/ostree-gpg-verify-result.c
@@ -665,9 +665,8 @@ ostree_gpg_verify_result_require_valid_signature (OstreeGpgVerifyResult *result,
 
   if (ostree_gpg_verify_result_count_valid (result) == 0)
     {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                           "GPG signatures found, but none are in trusted keyring");
-      return FALSE;
+      return glnx_throw (error, "%s",
+                        "GPG signatures found, but none are in trusted keyring");
     }
 
   return TRUE;
diff --git a/src/libostree/ostree-linuxfsutil.c b/src/libostree/ostree-linuxfsutil.c
index b270a94e..9785ac57 100644
--- a/src/libostree/ostree-linuxfsutil.c
+++ b/src/libostree/ostree-linuxfsutil.c
@@ -27,6 +27,8 @@
 #include 
 #include 
 
+#include "otutil.h"
+
 /**
  * _ostree_linuxfs_fd_alter_immutable_flag:
  * @fd: A file descriptor
@@ -47,29 +49,21 @@ _ostree_linuxfs_fd_alter_immutable_flag (int            fd,
                                          GCancellable  *cancellable,
                                          GError       **error)
 {
-  gboolean ret = FALSE;
-  unsigned long flags;
-  int r;
   static gint no_alter_immutable = 0;
 
   if (g_atomic_int_get (&no_alter_immutable))
     return TRUE;
 
-  r = ioctl (fd, EXT2_IOC_GETFLAGS, &flags);
+  unsigned long flags;
+  int r = ioctl (fd, EXT2_IOC_GETFLAGS, &flags);
   if (r == -1)
     {
-      int errsv = errno;
-      if (errsv == EPERM)
+      if (errno == EPERM)
         g_atomic_int_set (&no_alter_immutable, 1);
-      else if (errsv == EOPNOTSUPP || errsv == ENOTTY)
+      else if (errno == EOPNOTSUPP || errno == ENOTTY)
         ;
       else
-        {
-          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                       "ioctl(EXT2_IOC_GETFLAGS): %s",
-                       g_strerror (errsv));
-          goto out;
-        }
+        return glnx_throw_errno_prefix (error, "ioctl(EXT2_IOC_GETFLAGS)");
     }
   else
     {
@@ -80,54 +74,14 @@ _ostree_linuxfs_fd_alter_immutable_flag (int            fd,
       r = ioctl (fd, EXT2_IOC_SETFLAGS, &flags);
       if (r == -1)
         {
-          int errsv = errno;
-          if (errsv == EPERM)
+          if (errno == EPERM)
             g_atomic_int_set (&no_alter_immutable, 1);
-          else if (errsv == EOPNOTSUPP || errsv == ENOTTY)
+          else if (errno == EOPNOTSUPP || errno == ENOTTY)
             ;
           else
-            {
-              g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                           "ioctl(EXT2_IOC_GETFLAGS): %s",
-                           g_strerror (errsv));
-              goto out;
-            }
+            return glnx_throw_errno_prefix (error, "ioctl(EXT2_IOC_SETFLAGS)");
         }
     }
 
-  ret = TRUE;
- out:
-  return ret;
-}
-
-gboolean
-_ostree_linuxfs_alter_immutable_flag (GFile         *path,
-                                      gboolean       new_immutable_state,
-                                      GCancellable  *cancellable,
-                                      GError       **error)
-{
-  gboolean ret = FALSE;
-  glnx_fd_close int fd = -1;
-
-  if (g_cancellable_set_error_if_cancelled (cancellable, error))
-    return FALSE;
-
-  fd = open (gs_file_get_path_cached (path), O_RDONLY|O_NONBLOCK|O_LARGEFILE);
-  if (fd == -1)
-    {
-      int errsv = errno;
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "open(%s): %s",
-                   gs_file_get_path_cached (path),
-                   g_strerror (errsv));
-      goto out;
-    }
-
-  if (!_ostree_linuxfs_fd_alter_immutable_flag (fd, new_immutable_state,
-                                                cancellable, error))
-    goto out;
-
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
diff --git a/src/libostree/ostree-linuxfsutil.h b/src/libostree/ostree-linuxfsutil.h
index 9c74b8a9..84122a70 100644
--- a/src/libostree/ostree-linuxfsutil.h
+++ b/src/libostree/ostree-linuxfsutil.h
@@ -30,10 +30,4 @@ _ostree_linuxfs_fd_alter_immutable_flag (int            fd,
                                          GCancellable  *cancellable,
                                          GError       **error);
 
-gboolean
-_ostree_linuxfs_alter_immutable_flag (GFile         *path,
-                                      gboolean       new_immutable_state,
-                                      GCancellable  *cancellable,
-                                      GError       **error);
-
 G_END_DECLS
diff --git a/src/libostree/ostree-remote-private.h b/src/libostree/ostree-remote-private.h
index e207ed4c..856cdaa6 100644
--- a/src/libostree/ostree-remote-private.h
+++ b/src/libostree/ostree-remote-private.h
@@ -38,15 +38,15 @@ G_BEGIN_DECLS
 
 struct OstreeRemote {
   volatile int ref_count;
-  char *name;
-  char *group;   /* group name in options */
-  char *keyring; /* keyring name (NAME.trustedkeys.gpg) */
+  char *name;  /* (not nullable) */
+  char *group;   /* group name in options (not nullable) */
+  char *keyring; /* keyring name (NAME.trustedkeys.gpg) (not nullable) */
   GFile *file;   /* NULL if remote defined in repo/config */
   GKeyFile *options;
 };
 
 G_GNUC_INTERNAL
-OstreeRemote *ostree_remote_new (void);
+OstreeRemote *ostree_remote_new (const gchar *name);
 
 G_GNUC_INTERNAL
 OstreeRemote *ostree_remote_new_from_keyfile (GKeyFile    *keyfile,
diff --git a/src/libostree/ostree-remote.c b/src/libostree/ostree-remote.c
index 86fae8d8..1932b22f 100644
--- a/src/libostree/ostree-remote.c
+++ b/src/libostree/ostree-remote.c
@@ -53,12 +53,17 @@
  */
 
 OstreeRemote *
-ostree_remote_new (void)
+ostree_remote_new (const gchar *name)
 {
   OstreeRemote *remote;
 
+  g_return_val_if_fail (name != NULL && *name != '\0', NULL);
+
   remote = g_slice_new0 (OstreeRemote);
   remote->ref_count = 1;
+  remote->name = g_strdup (name);
+  remote->group = g_strdup_printf ("remote \"%s\"", name);
+  remote->keyring = g_strdup_printf ("%s.trustedkeys.gpg", name);
   remote->options = g_key_file_new ();
 
   return remote;
@@ -70,6 +75,7 @@ ostree_remote_new_from_keyfile (GKeyFile    *keyfile,
 {
   g_autoptr(GMatchInfo) match = NULL;
   OstreeRemote *remote;
+  g_autofree gchar *name = NULL;
 
   static gsize regex_initialized;
   static GRegex *regex;
@@ -88,10 +94,8 @@ ostree_remote_new_from_keyfile (GKeyFile    *keyfile,
   if (!g_regex_match (regex, group, 0, &match))
     return NULL;
 
-  remote = ostree_remote_new ();
-  remote->name = g_match_info_fetch (match, 1);
-  remote->group = g_strdup (group);
-  remote->keyring = g_strdup_printf ("%s.trustedkeys.gpg", remote->name);
+  name = g_match_info_fetch (match, 1);
+  remote = ostree_remote_new (name);
 
   ot_keyfile_copy_group (keyfile, remote->options, group);
 
@@ -148,3 +152,23 @@ G_DEFINE_BOXED_TYPE(OstreeRemote, ostree_remote,
                     ostree_remote_ref,
                     ostree_remote_unref);
 #endif
+
+/**
+ * ostree_remote_get_name:
+ * @remote: an #OstreeRemote
+ *
+ * Get the human-readable name of the remote. This is what the user configured,
+ * if the remote was explicitly configured; and will otherwise be a stable,
+ * arbitrary, string.
+ *
+ * Returns: remote’s name
+ * Since: 2017.7
+ */
+const gchar *
+ostree_remote_get_name (OstreeRemote *remote)
+{
+  g_return_val_if_fail (remote != NULL, NULL);
+  g_return_val_if_fail (remote->ref_count > 0, NULL);
+
+  return remote->name;
+}
diff --git a/src/libostree/ostree-remote.h b/src/libostree/ostree-remote.h
index 8e96213c..96fd4556 100644
--- a/src/libostree/ostree-remote.h
+++ b/src/libostree/ostree-remote.h
@@ -48,16 +48,16 @@ G_BEGIN_DECLS
 typedef struct OstreeRemote OstreeRemote;
 #endif
 
-#ifdef OSTREE_ENABLE_EXPERIMENTAL_API
+#ifndef __GI_SCANNER__
 _OSTREE_PUBLIC
 GType ostree_remote_get_type (void) G_GNUC_CONST;
-#else
-#ifndef __GI_SCANNER__
 _OSTREE_PUBLIC
 OstreeRemote *ostree_remote_ref (OstreeRemote *remote);
 _OSTREE_PUBLIC
 void ostree_remote_unref (OstreeRemote *remote);
 #endif /* GI_SCANNER */
-#endif
+
+_OSTREE_PUBLIC
+const gchar *ostree_remote_get_name (OstreeRemote *remote);
 
 G_END_DECLS
diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c
index f6e91498..af5c021f 100644
--- a/src/libostree/ostree-repo-checkout.c
+++ b/src/libostree/ostree-repo-checkout.c
@@ -60,13 +60,11 @@ checkout_object_for_uncompressed_cache (OstreeRepo      *self,
   guint32 file_mode = g_file_info_get_attribute_uint32 (src_info, "unix::mode");
   file_mode &= ~(S_ISUID|S_ISGID);
 
-  glnx_fd_close int fd = -1;
-  g_autofree char *temp_filename = NULL;
-  if (!glnx_open_tmpfile_linkable_at (self->tmp_dir_fd, ".", O_WRONLY | O_CLOEXEC,
-                                      &fd, &temp_filename,
-                                      error))
+  g_auto(OtTmpfile) tmpf = { 0, };
+  if (!ot_open_tmpfile_linkable_at (self->tmp_dir_fd, ".", O_WRONLY | O_CLOEXEC,
+                                    &tmpf, error))
     return FALSE;
-  g_autoptr(GOutputStream) temp_out = g_unix_output_stream_new (fd, FALSE);
+  g_autoptr(GOutputStream) temp_out = g_unix_output_stream_new (tmpf.fd, FALSE);
 
   if (g_output_stream_splice (temp_out, content, 0, cancellable, error) < 0)
     return FALSE;
@@ -76,14 +74,14 @@ checkout_object_for_uncompressed_cache (OstreeRepo      *self,
 
   if (!self->disable_fsync)
     {
-      if (TEMP_FAILURE_RETRY (fsync (fd)) < 0)
+      if (TEMP_FAILURE_RETRY (fsync (tmpf.fd)) < 0)
         return glnx_throw_errno (error);
     }
 
   if (!g_output_stream_close (temp_out, cancellable, error))
     return FALSE;
 
-  if (fchmod (fd, file_mode) < 0)
+  if (fchmod (tmpf.fd, file_mode) < 0)
     return glnx_throw_errno (error);
 
   if (!_ostree_repo_ensure_loose_objdir_at (self->uncompressed_objects_dir_fd,
@@ -91,10 +89,9 @@ checkout_object_for_uncompressed_cache (OstreeRepo      *self,
                                             cancellable, error))
     return FALSE;
 
-  if (!glnx_link_tmpfile_at (self->tmp_dir_fd, GLNX_LINK_TMPFILE_NOREPLACE_IGNORE_EXIST,
-                             fd, temp_filename,
-                             self->uncompressed_objects_dir_fd, loose_path,
-                             error))
+  if (!ot_link_tmpfile_at (&tmpf, GLNX_LINK_TMPFILE_NOREPLACE_IGNORE_EXIST,
+                           self->uncompressed_objects_dir_fd, loose_path,
+                           error))
     return FALSE;
 
   return TRUE;
@@ -143,10 +140,7 @@ write_regular_file_content (OstreeRepo            *self,
     {
       if (TEMP_FAILURE_RETRY (fchown (outfd, g_file_info_get_attribute_uint32 (file_info, "unix::uid"),
                                       g_file_info_get_attribute_uint32 (file_info, "unix::gid"))) < 0)
-        return glnx_throw_errno (error);
-
-      if (TEMP_FAILURE_RETRY (fchmod (outfd, g_file_info_get_attribute_uint32 (file_info, "unix::mode"))) < 0)
-        return glnx_throw_errno (error);
+        return glnx_throw_errno_prefix (error, "fchown");
 
       if (xattrs)
         {
@@ -155,10 +149,19 @@ write_regular_file_content (OstreeRepo            *self,
         }
     }
 
+  guint32 file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
+
+  /* Don't make setuid files on checkout when we're doing --user */
+  if (mode == OSTREE_REPO_CHECKOUT_MODE_USER)
+    file_mode &= ~(S_ISUID|S_ISGID);
+
+  if (TEMP_FAILURE_RETRY (fchmod (outfd, file_mode)) < 0)
+    return glnx_throw_errno_prefix (error, "fchmod");
+
   if (fsync_is_enabled (self, options))
     {
       if (fsync (outfd) == -1)
-        return glnx_throw_errno (error);
+        return glnx_throw_errno_prefix (error, "fsync");
     }
 
   if (outstream)
@@ -185,7 +188,6 @@ create_file_copy_from_input_at (OstreeRepo     *repo,
                                 GCancellable   *cancellable,
                                 GError        **error)
 {
-  g_autofree char *temp_filename = NULL;
   const gboolean union_mode = options->overwrite_mode == OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_FILES;
   const gboolean add_mode = options->overwrite_mode == OSTREE_REPO_CHECKOUT_OVERWRITE_ADD_FILES;
   const gboolean sepolicy_enabled = options->sepolicy && !repo->disable_xattrs;
@@ -252,33 +254,26 @@ create_file_copy_from_input_at (OstreeRepo     *repo,
     }
   else if (g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR)
     {
-      glnx_fd_close int temp_fd = -1;
-      guint32 file_mode;
+      g_auto(OtTmpfile) tmpf = { 0, };
       GLnxLinkTmpfileReplaceMode replace_mode;
 
-      file_mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
-      /* Don't make setuid files on checkout when we're doing --user */
-      if (options->mode == OSTREE_REPO_CHECKOUT_MODE_USER)
-        file_mode &= ~(S_ISUID|S_ISGID);
-
-      if (!glnx_open_tmpfile_linkable_at (destination_dfd, ".", O_WRONLY | O_CLOEXEC,
-                                          &temp_fd, &temp_filename,
-                                          error))
+      if (!ot_open_tmpfile_linkable_at (destination_dfd, ".", O_WRONLY | O_CLOEXEC,
+                                        &tmpf, error))
         return FALSE;
 
-      if (sepolicy_enabled)
+      if (sepolicy_enabled && options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
         {
           g_autofree char *label = NULL;
-          if (!ostree_sepolicy_get_label (options->sepolicy,
-                                          state->selabel_path_buf->str,
+          if (!ostree_sepolicy_get_label (options->sepolicy, state->selabel_path_buf->str,
                                           g_file_info_get_attribute_uint32 (file_info, "unix::mode"),
                                           &label, cancellable, error))
             return FALSE;
-          if (fsetxattr (temp_fd, "security.selinux", label, strlen (label), 0) < 0)
+
+          if (fsetxattr (tmpf.fd, "security.selinux", label, strlen (label), 0) < 0)
             return glnx_throw_errno_prefix (error, "Setting security.selinux");
         }
 
-      if (!write_regular_file_content (repo, options, temp_fd, file_info, xattrs, input,
+      if (!write_regular_file_content (repo, options, tmpf.fd, file_info, xattrs, input,
                                        cancellable, error))
         return FALSE;
 
@@ -290,10 +285,9 @@ create_file_copy_from_input_at (OstreeRepo     *repo,
       else
         replace_mode = GLNX_LINK_TMPFILE_NOREPLACE;
 
-      if (!glnx_link_tmpfile_at (destination_dfd, replace_mode,
-                                 temp_fd, temp_filename, destination_dfd,
-                                 destination_name,
-                                 error))
+      if (!ot_link_tmpfile_at (&tmpf, replace_mode,
+                               destination_dfd, destination_name,
+                               error))
         return FALSE;
     }
   else
@@ -699,9 +693,9 @@ checkout_tree_at_recurse (OstreeRepo                        *self,
     g_autoptr(GVariant) contents_csum_v = NULL;
     while (g_variant_iter_loop (&viter, "(&s@ay)", &fname, &contents_csum_v))
       {
-        const size_t namelen = strlen (fname);
+        const size_t origlen = selabel_path_buf ? selabel_path_buf->len : 0;
         if (selabel_path_buf)
-          g_string_append_len (selabel_path_buf, fname, namelen);
+          g_string_append (selabel_path_buf, fname);
 
         char tmp_checksum[OSTREE_SHA256_STRING_LEN+1];
         _ostree_checksum_inplace_from_bytes_v (contents_csum_v, tmp_checksum);
@@ -713,7 +707,7 @@ checkout_tree_at_recurse (OstreeRepo                        *self,
           return FALSE;
 
         if (selabel_path_buf)
-          g_string_truncate (selabel_path_buf, selabel_path_buf->len - namelen);
+          g_string_truncate (selabel_path_buf, origlen);
       }
     contents_csum_v = NULL; /* iter_loop freed it */
   }
@@ -728,10 +722,10 @@ checkout_tree_at_recurse (OstreeRepo                        *self,
     while (g_variant_iter_loop (&viter, "(&s@ay@ay)", &dname,
                                 &subdirtree_csum_v, &subdirmeta_csum_v))
       {
-        const size_t namelen = strlen (dname);
+        const size_t origlen = selabel_path_buf ? selabel_path_buf->len : 0;
         if (selabel_path_buf)
           {
-            g_string_append_len (selabel_path_buf, dname, namelen);
+            g_string_append (selabel_path_buf, dname);
             g_string_append_c (selabel_path_buf, '/');
           }
 
@@ -746,7 +740,7 @@ checkout_tree_at_recurse (OstreeRepo                        *self,
           return FALSE;
 
         if (selabel_path_buf)
-          g_string_truncate (selabel_path_buf, selabel_path_buf->len - namelen);
+          g_string_truncate (selabel_path_buf, origlen);
       }
   }
 
@@ -755,8 +749,18 @@ checkout_tree_at_recurse (OstreeRepo                        *self,
    */
   if (!did_exist)
     {
-      if (TEMP_FAILURE_RETRY (fchmod (destination_dfd, mode)) < 0)
-        return glnx_throw_errno (error);
+      guint32 canonical_mode;
+      /* Silently ignore world-writable directories (plus sticky, suid bits,
+       * etc.) when doing a checkout for bare-user-only repos, or if requested explicitly.
+       * This is related to the logic in ostree-repo-commit.c for files.
+       * See also: https://github.com/ostreedev/ostree/pull/909 i.e. 0c4b3a2b6da950fd78e63f9afec602f6188f1ab0
+       */
+      if (self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY || options->bareuseronly_dirs)
+        canonical_mode = (mode & 0775) | S_IFDIR;
+      else
+        canonical_mode = mode;
+      if (TEMP_FAILURE_RETRY (fchmod (destination_dfd, canonical_mode)) < 0)
+        return glnx_throw_errno_prefix (error, "fchmod");
     }
 
   if (!did_exist && options->mode != OSTREE_REPO_CHECKOUT_MODE_USER)
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index ce45a911..45b5bc6e 100644
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -179,10 +179,13 @@ _ostree_repo_commit_loose_final (OstreeRepo        *self,
   return TRUE;
 }
 
+/* Given either a file or symlink, apply the final metadata to it depending on
+ * the repository mode. Note that @checksum is assumed to have been validated by
+ * the caller.
+ */
 static gboolean
-commit_loose_object_trusted (OstreeRepo        *self,
+commit_loose_content_object (OstreeRepo        *self,
                              const char        *checksum,
-                             OstreeObjectType   objtype,
                              const char        *temp_filename,
                              gboolean           object_is_symlink,
                              guint32            uid,
@@ -193,8 +196,6 @@ commit_loose_object_trusted (OstreeRepo        *self,
                              GCancellable      *cancellable,
                              GError           **error)
 {
-  gboolean ret = FALSE;
-
   /* We may be writing as root to a non-root-owned repository; if so,
    * automatically inherit the non-root ownership.
    */
@@ -204,19 +205,13 @@ commit_loose_object_trusted (OstreeRepo        *self,
       if (fd != -1)
         {
           if (fchown (fd, self->target_owner_uid, self->target_owner_gid) < 0)
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
+            return glnx_throw_errno_prefix (error, "fchown");
         }
       else if (G_UNLIKELY (fchownat (self->tmp_dir_fd, temp_filename,
                                      self->target_owner_uid,
                                      self->target_owner_gid,
                                      AT_SYMLINK_NOFOLLOW) == -1))
-        {
-          glnx_set_error_from_errno (error);
-          goto out;
-        }
+        return glnx_throw_errno_prefix (error, "fchownat");
     }
 
   /* Special handling for symlinks in bare repositories */
@@ -235,85 +230,70 @@ commit_loose_object_trusted (OstreeRepo        *self,
       if (G_UNLIKELY (fchownat (self->tmp_dir_fd, temp_filename,
                                 uid, gid,
                                 AT_SYMLINK_NOFOLLOW) == -1))
-        {
-          glnx_set_error_from_errno (error);
-          goto out;
-        }
+        return glnx_throw_errno_prefix (error, "fchownat");
 
       if (xattrs != NULL)
         {
           ot_security_smack_reset_dfd_name (self->tmp_dir_fd, temp_filename);
           if (!glnx_dfd_name_set_all_xattrs (self->tmp_dir_fd, temp_filename,
                                                xattrs, cancellable, error))
-            goto out;
+            return FALSE;
         }
     }
   else
     {
-      int res;
-
-      if (objtype == OSTREE_OBJECT_TYPE_FILE && self->mode == OSTREE_REPO_MODE_BARE)
+      if (self->mode == OSTREE_REPO_MODE_BARE)
         {
-          do
-            res = fchown (fd, uid, gid);
-          while (G_UNLIKELY (res == -1 && errno == EINTR));
-          if (G_UNLIKELY (res == -1))
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
+          if (TEMP_FAILURE_RETRY (fchown (fd, uid, gid)) < 0)
+            return glnx_throw_errno_prefix (error, "fchown");
 
-          do
-            res = fchmod (fd, mode);
-          while (G_UNLIKELY (res == -1 && errno == EINTR));
-          if (G_UNLIKELY (res == -1))
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
+          if (TEMP_FAILURE_RETRY (fchmod (fd, mode)) < 0)
+            return glnx_throw_errno_prefix (error, "fchmod");
 
           if (xattrs)
             {
               ot_security_smack_reset_fd (fd);
               if (!glnx_fd_set_all_xattrs (fd, xattrs, cancellable, error))
-                goto out;
+                return FALSE;
             }
         }
-
-      if (objtype == OSTREE_OBJECT_TYPE_FILE &&
-          (self->mode == OSTREE_REPO_MODE_BARE_USER || self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY))
+      else if (self->mode == OSTREE_REPO_MODE_BARE_USER)
         {
+          if (!write_file_metadata_to_xattr (fd, uid, gid, mode, xattrs, error))
+            return FALSE;
+
           if (!object_is_symlink)
             {
-              /* We need to apply at least some mode bits, because the repo file was created
-                 with mode 644, and we need e.g. exec bits to be right when we do a user-mode
-                 checkout. To make this work we apply all user bits and the read bits for
-                 group/other.  Furthermore, setting user xattrs requires write access, so
-                 this makes sure it's at least writable by us.  (O_TMPFILE uses mode 0 by default) */
-              if (fchmod (fd, mode | 0744) < 0)
-                return glnx_throw_errno (error);
+              /* Note that previously this path added `| 0755` which made every
+               * file executable, see
+               * https://github.com/ostreedev/ostree/issues/907
+               */
+              const mode_t content_mode = (mode & (S_IFREG | 0775));
+              if (fchmod (fd, content_mode) < 0)
+                return glnx_throw_errno_prefix (error, "fchmod");
             }
+        }
+      else if (self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY
+               && !object_is_symlink)
+        {
+          guint32 invalid_modebits = (mode & ~S_IFMT) & ~0775;
+          if (invalid_modebits > 0)
+            return glnx_throw (error, "Invalid mode 0%04o with bits 0%04o in bare-user-only repository",
+                               mode, invalid_modebits);
 
-          if (self->mode == OSTREE_REPO_MODE_BARE_USER &&
-              !write_file_metadata_to_xattr (fd, uid, gid, mode, xattrs, error))
-            return FALSE;
+          if (fchmod (fd, mode) < 0)
+            return glnx_throw_errno_prefix (error, "fchmod");
         }
 
-      if (objtype == OSTREE_OBJECT_TYPE_FILE && _ostree_repo_mode_is_bare (self->mode))
+      if (_ostree_repo_mode_is_bare (self->mode))
         {
           /* To satisfy tools such as guile which compare mtimes
            * to determine whether or not source files need to be compiled,
            * set the modification time to OSTREE_TIMESTAMP.
            */
           const struct timespec times[2] = { { OSTREE_TIMESTAMP, UTIME_OMIT }, { OSTREE_TIMESTAMP, 0} };
-          do
-            res = futimens (fd, times);
-          while (G_UNLIKELY (res == -1 && errno == EINTR));
-          if (G_UNLIKELY (res == -1))
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
+          if (TEMP_FAILURE_RETRY (futimens (fd, times)) < 0)
+            return glnx_throw_errno_prefix (error, "futimens");
         }
 
       /* Ensure that in case of a power cut, these files have the data we
@@ -322,23 +302,16 @@ commit_loose_object_trusted (OstreeRepo        *self,
       if (!self->in_transaction && !self->disable_fsync)
         {
           if (fsync (fd) == -1)
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
+            return glnx_throw_errno_prefix (error, "fsync");
         }
     }
 
-  if (!_ostree_repo_commit_loose_final (self, checksum, objtype,
+  if (!_ostree_repo_commit_loose_final (self, checksum, OSTREE_OBJECT_TYPE_FILE,
                                         self->tmp_dir_fd, fd, temp_filename,
                                         cancellable, error))
-    goto out;
-  
-  ret = TRUE;
- out:
-  if (G_UNLIKELY (error && *error))
-    g_prefix_error (error, "Writing object %s.%s: ", checksum, ostree_object_type_to_string (objtype));
-  return ret;
+    return FALSE;
+
+  return TRUE;
 }
 
 typedef struct
@@ -535,12 +508,15 @@ _ostree_repo_commit_trusted_content_bare (OstreeRepo          *self,
 
   if (state->fd != -1)
     {
-      if (!commit_loose_object_trusted (self, checksum, OSTREE_OBJECT_TYPE_FILE,
+      if (!commit_loose_content_object (self, checksum,
                                         state->temp_filename,
                                         FALSE, uid, gid, mode,
                                         xattrs, state->fd,
                                         cancellable, error))
-        goto out;
+        {
+          g_prefix_error (error, "Writing object %s.%s: ", checksum, ostree_object_type_to_string (OSTREE_OBJECT_TYPE_FILE));
+          goto out;
+        }
     }
 
   ret = TRUE;
@@ -591,306 +567,356 @@ create_regular_tmpfile_linkable_with_content (OstreeRepo *self,
   return TRUE;
 }
 
-static gboolean
-write_object (OstreeRepo         *self,
-              OstreeObjectType    objtype,
-              const char         *expected_checksum,
-              GInputStream       *input,
-              guint64             file_object_length,
-              guchar            **out_csum,
-              GCancellable       *cancellable,
-              GError            **error)
-{
-  gboolean ret = FALSE;
-  const char *actual_checksum = NULL;
-  g_autofree char *actual_checksum_owned = NULL;
-  gboolean do_commit;
-  OstreeRepoMode repo_mode;
-  g_autofree char *temp_filename = NULL;
-  g_autofree guchar *ret_csum = NULL;
-  glnx_unref_object OtChecksumInstream *checksum_input = NULL;
-  g_autoptr(GInputStream) file_input = NULL;
-  g_autoptr(GFileInfo) file_info = NULL;
-  g_autoptr(GVariant) xattrs = NULL;
-  gboolean have_obj;
-  gboolean temp_file_is_regular;
-  gboolean temp_file_is_symlink;
-  glnx_fd_close int temp_fd = -1;
-  gboolean object_is_symlink = FALSE;
-  gssize unpacked_size = 0;
-  gboolean indexable = FALSE;
+/* A little helper to call unlinkat() as a cleanup
+ * function.  Mostly only necessary to handle
+ * deletion of temporary symlinks.
+ */
+typedef struct {
+  int dfd;
+  const char *path;
+} CleanupUnlinkat;
 
+static void
+cleanup_unlinkat (CleanupUnlinkat *cleanup)
+{
+  if (cleanup->path)
+    (void) unlinkat (cleanup->dfd, cleanup->path, 0);
+}
+G_DEFINE_AUTO_CLEANUP_CLEAR_FUNC(CleanupUnlinkat, cleanup_unlinkat);
+
+/* Write a content object. */
+static gboolean
+write_content_object (OstreeRepo         *self,
+                      const char         *expected_checksum,
+                      GInputStream       *input,
+                      guint64             file_object_length,
+                      guchar            **out_csum,
+                      GCancellable       *cancellable,
+                      GError            **error)
+{
   g_return_val_if_fail (expected_checksum || out_csum, FALSE);
 
   if (g_cancellable_set_error_if_cancelled (cancellable, error))
     return FALSE;
 
-  if (expected_checksum)
-    {
-      if (!_ostree_repo_has_loose_object (self, expected_checksum, objtype, &have_obj,
-                                          cancellable, error))
-        goto out;
-      if (have_obj)
-        {
-          if (out_csum)
-            *out_csum = ostree_checksum_to_bytes (expected_checksum);
-          ret = TRUE;
-          goto out;
-        }
-    }
-
-  repo_mode = ostree_repo_get_mode (self);
+  OstreeRepoMode repo_mode = ostree_repo_get_mode (self);
 
+  glnx_unref_object OtChecksumInstream *checksum_input = NULL;
   if (out_csum)
     checksum_input = ot_checksum_instream_new (input, G_CHECKSUM_SHA256);
 
-  if (objtype == OSTREE_OBJECT_TYPE_FILE)
+  g_autoptr(GInputStream) file_input = NULL;
+  g_autoptr(GVariant) xattrs = NULL;
+  g_autoptr(GFileInfo) file_info = NULL;
+  if (!ostree_content_stream_parse (FALSE, checksum_input ? (GInputStream*)checksum_input : input,
+                                    file_object_length, FALSE,
+                                    &file_input, &file_info, &xattrs,
+                                    cancellable, error))
+    return FALSE;
+
+  gboolean temp_file_is_regular = g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR;
+  gboolean temp_file_is_symlink = g_file_info_get_file_type (file_info) == G_FILE_TYPE_SYMBOLIC_LINK;
+  gboolean object_is_symlink = temp_file_is_symlink;
+
+  if (repo_mode == OSTREE_REPO_MODE_BARE_USER && object_is_symlink)
     {
-      if (!ostree_content_stream_parse (FALSE, checksum_input ? (GInputStream*)checksum_input : input,
-                                        file_object_length, FALSE,
-                                        &file_input, &file_info, &xattrs,
-                                        cancellable, error))
-        goto out;
+      const char *target_str = g_file_info_get_symlink_target (file_info);
+      g_autoptr(GBytes) target = g_bytes_new (target_str, strlen (target_str) + 1);
 
-      temp_file_is_regular = g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR;
-      temp_file_is_symlink = object_is_symlink =
-        g_file_info_get_file_type (file_info) == G_FILE_TYPE_SYMBOLIC_LINK;
+      /* For bare-user we can't store symlinks as symlinks, as symlinks don't
+         support user xattrs to store the ownership. So, instead store them
+         as regular files */
+      temp_file_is_regular = TRUE;
+      temp_file_is_symlink = FALSE;
 
-      if (repo_mode == OSTREE_REPO_MODE_BARE_USER && object_is_symlink)
-        {
-          const char *target_str = g_file_info_get_symlink_target (file_info);
-          g_autoptr(GBytes) target = g_bytes_new (target_str, strlen (target_str) + 1);
-
-          /* For bare-user we can't store symlinks as symlinks, as symlinks don't
-             support user xattrs to store the ownership. So, instead store them
-             as regular files */
-          temp_file_is_regular = TRUE;
-          temp_file_is_symlink = FALSE;
-          if (file_input != NULL)
-            g_object_unref (file_input);
-
-          /* Include the terminating zero so we can e.g. mmap this file */
-          file_input = g_memory_input_stream_new_from_bytes (target);
-        }
-
-      if (!(temp_file_is_regular || temp_file_is_symlink))
-        {
-          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                       "Unsupported file type %u", g_file_info_get_file_type (file_info));
-          goto out;
-        }
-
-      /* For regular files, we create them with default mode, and only
-       * later apply any xattrs and setuid bits.  The rationale here
-       * is that an attacker on the network with the ability to MITM
-       * could potentially cause the system to make a temporary setuid
-       * binary with trailing garbage, creating a window on the local
-       * system where a malicious setuid binary exists.
-       */
-      if ((_ostree_repo_mode_is_bare (repo_mode)) && temp_file_is_regular)
-        {
-          guint64 size = g_file_info_get_size (file_info);
-
-          if (!create_regular_tmpfile_linkable_with_content (self, size, file_input,
-                                                             &temp_fd, &temp_filename,
-                                                             cancellable, error))
-            goto out;
-        }
-      else if (_ostree_repo_mode_is_bare (repo_mode) && temp_file_is_symlink)
-        {
-          /* Note: This will not be hit for bare-user mode because its converted to a
-             regular file and take the branch above */
-          if (!_ostree_make_temporary_symlink_at (self->tmp_dir_fd,
-                                                  g_file_info_get_symlink_target (file_info),
-                                                  &temp_filename,
-                                                  cancellable, error))
-            goto out;
-        }
-      else if (repo_mode == OSTREE_REPO_MODE_ARCHIVE_Z2)
-        {
-          g_autoptr(GVariant) file_meta = NULL;
-          g_autoptr(GConverter) zlib_compressor = NULL;
-          g_autoptr(GOutputStream) compressed_out_stream = NULL;
-          g_autoptr(GOutputStream) temp_out = NULL;
-
-          if (self->generate_sizes)
-            indexable = TRUE;
-
-          if (!glnx_open_tmpfile_linkable_at (self->tmp_dir_fd, ".", O_WRONLY|O_CLOEXEC,
-                                              &temp_fd, &temp_filename,
-                                              error))
-            goto out;
-          temp_file_is_regular = TRUE;
-          temp_out = g_unix_output_stream_new (temp_fd, FALSE);
-
-          file_meta = _ostree_zlib_file_header_new (file_info, xattrs);
-
-          if (!_ostree_write_variant_with_size (temp_out, file_meta, 0, NULL, NULL,
-                                                cancellable, error))
-            goto out;
-
-          if (g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR)
-            {
-              zlib_compressor = (GConverter*)g_zlib_compressor_new (G_ZLIB_COMPRESSOR_FORMAT_RAW, self->zlib_compression_level);
-              compressed_out_stream = g_converter_output_stream_new (temp_out, zlib_compressor);
-              /* Don't close the base; we'll do that later */
-              g_filter_output_stream_set_close_base_stream ((GFilterOutputStream*)compressed_out_stream, FALSE);
-              
-              unpacked_size = g_output_stream_splice (compressed_out_stream, file_input,
-                                                      0, cancellable, error);
-              if (unpacked_size < 0)
-                goto out;
-            }
-
-          if (!g_output_stream_flush (temp_out, cancellable, error))
-            goto out;
-
-          if (fchmod (temp_fd, 0644) < 0)
-            {
-              glnx_set_error_from_errno (error);
-              goto out;
-            }
-        }
-      else
-        g_assert_not_reached ();
+      if (file_input != NULL)
+        g_object_unref (file_input);
+      /* Include the terminating zero so we can e.g. mmap this file */
+      file_input = g_memory_input_stream_new_from_bytes (target);
     }
-  else
+
+  if (!(temp_file_is_regular || temp_file_is_symlink))
+    return glnx_throw (error, "Unsupported file type %u", g_file_info_get_file_type (file_info));
+
+  /* For regular files, we create them with default mode, and only
+   * later apply any xattrs and setuid bits.  The rationale here
+   * is that an attacker on the network with the ability to MITM
+   * could potentially cause the system to make a temporary setuid
+   * binary with trailing garbage, creating a window on the local
+   * system where a malicious setuid binary exists.
+   */
+  /* These variables are almost equivalent to OtTmpfile, except
+   * temp_filename might also be a symlink.  Hence the CleanupUnlinkat
+   * which handles that case.
+   */
+  g_auto(CleanupUnlinkat) tmp_unlinker = { self->tmp_dir_fd, NULL };
+  glnx_fd_close int temp_fd = -1;
+  g_autofree char *temp_filename = NULL;
+  gssize unpacked_size = 0;
+  gboolean indexable = FALSE;
+  if ((_ostree_repo_mode_is_bare (repo_mode)) && temp_file_is_regular)
     {
-      if (!create_regular_tmpfile_linkable_with_content (self, file_object_length,
-                                                         checksum_input ? (GInputStream*)checksum_input : input,
+      guint64 size = g_file_info_get_size (file_info);
+
+      if (!create_regular_tmpfile_linkable_with_content (self, size, file_input,
                                                          &temp_fd, &temp_filename,
                                                          cancellable, error))
-        goto out;
+        return FALSE;
+      tmp_unlinker.path = temp_filename;
+    }
+  else if (_ostree_repo_mode_is_bare (repo_mode) && temp_file_is_symlink)
+    {
+      /* Note: This will not be hit for bare-user mode because its converted to a
+         regular file and take the branch above */
+      if (!_ostree_make_temporary_symlink_at (self->tmp_dir_fd,
+                                              g_file_info_get_symlink_target (file_info),
+                                              &temp_filename,
+                                              cancellable, error))
+        return FALSE;
+      tmp_unlinker.path = temp_filename;
+    }
+  else if (repo_mode == OSTREE_REPO_MODE_ARCHIVE_Z2)
+    {
+      g_autoptr(GVariant) file_meta = NULL;
+      g_autoptr(GConverter) zlib_compressor = NULL;
+      g_autoptr(GOutputStream) compressed_out_stream = NULL;
+      g_autoptr(GOutputStream) temp_out = NULL;
+
+      if (self->generate_sizes)
+        indexable = TRUE;
+
+      if (!glnx_open_tmpfile_linkable_at (self->tmp_dir_fd, ".", O_WRONLY|O_CLOEXEC,
+                                          &temp_fd, &temp_filename,
+                                          error))
+        return FALSE;
+      tmp_unlinker.path = temp_filename;
       temp_file_is_regular = TRUE;
+      temp_out = g_unix_output_stream_new (temp_fd, FALSE);
+
+      file_meta = _ostree_zlib_file_header_new (file_info, xattrs);
+
+      if (!_ostree_write_variant_with_size (temp_out, file_meta, 0, NULL, NULL,
+                                            cancellable, error))
+        return FALSE;
+
+      if (g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR)
+        {
+          zlib_compressor = (GConverter*)g_zlib_compressor_new (G_ZLIB_COMPRESSOR_FORMAT_RAW, self->zlib_compression_level);
+          compressed_out_stream = g_converter_output_stream_new (temp_out, zlib_compressor);
+          /* Don't close the base; we'll do that later */
+          g_filter_output_stream_set_close_base_stream ((GFilterOutputStream*)compressed_out_stream, FALSE);
+
+          unpacked_size = g_output_stream_splice (compressed_out_stream, file_input,
+                                                  0, cancellable, error);
+          if (unpacked_size < 0)
+            return FALSE;
+        }
+
+      if (!g_output_stream_flush (temp_out, cancellable, error))
+        return FALSE;
+
+      if (fchmod (temp_fd, 0644) < 0)
+        return glnx_throw_errno_prefix (error, "fchmod");
     }
 
+  const char *actual_checksum = NULL;
+  g_autofree char *actual_checksum_owned = NULL;
   if (!checksum_input)
     actual_checksum = expected_checksum;
   else
     {
       actual_checksum = actual_checksum_owned = ot_checksum_instream_get_string (checksum_input);
       if (expected_checksum && strcmp (actual_checksum, expected_checksum) != 0)
-        {
-          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                       "Corrupted %s object %s (actual checksum is %s)",
-                       ostree_object_type_to_string (objtype),
-                       expected_checksum, actual_checksum);
-          goto out;
-        }
+        return glnx_throw (error, "Corrupted %s object %s (actual checksum is %s)",
+                           ostree_object_type_to_string (OSTREE_OBJECT_TYPE_FILE),
+                           expected_checksum, actual_checksum);
     }
 
   g_assert (actual_checksum != NULL); /* Pacify static analysis */
-          
+
+  /* See whether or not we have the object, now that we know the
+   * checksum.
+   */
+  gboolean have_obj;
+  if (!_ostree_repo_has_loose_object (self, actual_checksum, OSTREE_OBJECT_TYPE_FILE,
+                                      &have_obj, cancellable, error))
+    return FALSE;
+  /* If we already have it, just update the stats. */
+  if (have_obj)
+    {
+      g_mutex_lock (&self->txn_stats_lock);
+      self->txn_stats.content_objects_total++;
+      g_mutex_unlock (&self->txn_stats_lock);
+      if (out_csum)
+        *out_csum = ostree_checksum_to_bytes (actual_checksum);
+      /* Note early return */
+      return TRUE;
+    }
+
+  const guint32 uid = g_file_info_get_attribute_uint32 (file_info, "unix::uid");
+  const guint32 gid = g_file_info_get_attribute_uint32 (file_info, "unix::gid");
+  const guint32 mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
+  if (!commit_loose_content_object (self, actual_checksum,
+                                    temp_filename,
+                                    object_is_symlink,
+                                    uid, gid, mode,
+                                    xattrs, temp_fd,
+                                    cancellable, error))
+    return glnx_prefix_error (error, "Writing object %s.%s: ", actual_checksum,
+                              ostree_object_type_to_string (OSTREE_OBJECT_TYPE_FILE));
+  /* Clear the unlinker path, it was consumed */
+  tmp_unlinker.path = NULL;
+
+  /* Update size metadata if configured */
   if (indexable && temp_file_is_regular)
     {
       struct stat stbuf;
 
-      if (fstat (temp_fd, &stbuf) == -1)
-        {
-          glnx_set_error_from_errno (error);
-          goto out;
-        }
+      if (!glnx_fstat (temp_fd, &stbuf, error))
+        return FALSE;
 
       repo_store_size_entry (self, actual_checksum, unpacked_size, stbuf.st_size);
     }
 
-  if (!_ostree_repo_has_loose_object (self, actual_checksum, objtype, &have_obj,
-                                      cancellable, error))
-    goto out;
-          
-  do_commit = !have_obj;
-
-  if (do_commit)
-    {
-      guint32 uid, gid, mode;
-
-      if (file_info)
-        {
-          uid = g_file_info_get_attribute_uint32 (file_info, "unix::uid");
-          gid = g_file_info_get_attribute_uint32 (file_info, "unix::gid");
-          mode = g_file_info_get_attribute_uint32 (file_info, "unix::mode");
-        }
-      else
-        uid = gid = mode = 0;
-      
-      if (!commit_loose_object_trusted (self, actual_checksum, objtype,
-                                        temp_filename,
-                                        object_is_symlink,
-                                        uid, gid, mode,
-                                        xattrs, temp_fd,
-                                        cancellable, error))
-        goto out;
-
-
-      if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
-        {
-          GError *local_error = NULL;
-          /* If we are writing a commit, be sure there is no tombstone for it.
-             We may have deleted the commit and now we are trying to pull it again.  */
-          if (!ostree_repo_delete_object (self,
-                                          OSTREE_OBJECT_TYPE_TOMBSTONE_COMMIT,
-                                          actual_checksum,
-                                          cancellable,
-                                          &local_error))
-            {
-              if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
-                g_clear_error (&local_error);
-              else
-                {
-                  g_propagate_error (error, local_error);
-                  goto out;
-                }
-            }
-        }
-
-      if (OSTREE_OBJECT_TYPE_IS_META (objtype))
-        {
-          if (G_UNLIKELY (file_object_length > OSTREE_MAX_METADATA_WARN_SIZE))
-            {
-              g_autofree char *metasize = g_format_size (file_object_length);
-              g_autofree char *warnsize = g_format_size (OSTREE_MAX_METADATA_WARN_SIZE);
-              g_autofree char *maxsize = g_format_size (OSTREE_MAX_METADATA_SIZE);
-              g_warning ("metadata object %s is %s, which is larger than the warning threshold of %s." \
-                         "  The hard limit on metadata size is %s.  Put large content in the tree itself, not in metadata.",
-                         actual_checksum,
-                         metasize, warnsize, maxsize);
-            }
-        }
-
-      g_clear_pointer (&temp_filename, g_free);
-    }
-
+  /* Update statistics */
   g_mutex_lock (&self->txn_stats_lock);
-  if (do_commit)
-    {
-      if (OSTREE_OBJECT_TYPE_IS_META (objtype))
-        {
-          self->txn_stats.metadata_objects_written++;
-        }
-      else
-        {
-          self->txn_stats.content_objects_written++;
-          self->txn_stats.content_bytes_written += file_object_length;
-        }
-    }
-  if (OSTREE_OBJECT_TYPE_IS_META (objtype))
-    self->txn_stats.metadata_objects_total++;
-  else
-    self->txn_stats.content_objects_total++;
+  self->txn_stats.content_objects_written++;
+  self->txn_stats.content_bytes_written += file_object_length;
+  self->txn_stats.content_objects_total++;
   g_mutex_unlock (&self->txn_stats_lock);
 
-  if (checksum_input)
+  if (out_csum)
     {
       g_assert (actual_checksum);
-      ret_csum = ostree_checksum_to_bytes (actual_checksum);
+      *out_csum = ostree_checksum_to_bytes (actual_checksum);
     }
 
-  ret = TRUE;
-  ot_transfer_out_value(out_csum, &ret_csum);
- out:
-  if (temp_filename)
-    (void) unlinkat (self->tmp_dir_fd, temp_filename, 0);
-  return ret;
+  return TRUE;
+}
+
+static gboolean
+write_metadata_object (OstreeRepo         *self,
+                       OstreeObjectType    objtype,
+                       const char         *expected_checksum,
+                       GBytes             *buf,
+                       guchar            **out_csum,
+                       GCancellable       *cancellable,
+                       GError            **error)
+{
+  g_return_val_if_fail (expected_checksum || out_csum, FALSE);
+
+  if (g_cancellable_set_error_if_cancelled (cancellable, error))
+    return FALSE;
+
+  /* In the metadata case, we're not streaming, so we don't bother creating a
+   * tempfile until we compute the checksum. Some metadata like dirmeta is
+   * commonly duplicated, and computing the checksum is going to be cheaper than
+   * making a tempfile.
+   *
+   * However, tombstone commit types don't make sense to checksum, because for
+   * historical reasons we used ostree_repo_write_metadata_trusted() with the
+   * *original* sha256 to say what commit was being killed.
+   */
+  const gboolean is_tombstone = (objtype == OSTREE_OBJECT_TYPE_TOMBSTONE_COMMIT);
+  g_autofree char *actual_checksum = NULL;
+  if (is_tombstone)
+    {
+      actual_checksum = g_strdup (expected_checksum);
+    }
+  else
+    {
+      actual_checksum = g_compute_checksum_for_bytes (G_CHECKSUM_SHA256, buf);
+      gboolean have_obj;
+      if (!_ostree_repo_has_loose_object (self, actual_checksum, objtype, &have_obj,
+                                          cancellable, error))
+        return FALSE;
+      /* If we already have the object, we just need to update the tried-to-commit
+       * stat for metadata and be done here.
+       */
+      if (have_obj)
+        {
+          g_mutex_lock (&self->txn_stats_lock);
+          self->txn_stats.metadata_objects_total++;
+          g_mutex_unlock (&self->txn_stats_lock);
+
+          if (out_csum)
+            *out_csum = ostree_checksum_to_bytes (actual_checksum);
+          /* Note early return */
+          return TRUE;
+        }
+
+      if (expected_checksum && strcmp (actual_checksum, expected_checksum) != 0)
+        return glnx_throw (error, "Corrupted %s object %s (actual checksum is %s)",
+                           ostree_object_type_to_string (objtype),
+                           expected_checksum, actual_checksum);
+    }
+
+  /* Ok, checksum is known, let's get the data */
+  gsize len;
+  const guint8 *bufp = g_bytes_get_data (buf, &len);
+
+  /* Do the size warning here, to avoid warning for already extant metadata */
+  if (G_UNLIKELY (len > OSTREE_MAX_METADATA_WARN_SIZE))
+    {
+      g_autofree char *metasize = g_format_size (len);
+      g_autofree char *warnsize = g_format_size (OSTREE_MAX_METADATA_WARN_SIZE);
+      g_autofree char *maxsize = g_format_size (OSTREE_MAX_METADATA_SIZE);
+      g_warning ("metadata object %s is %s, which is larger than the warning threshold of %s." \
+                 "  The hard limit on metadata size is %s.  Put large content in the tree itself, not in metadata.",
+                 actual_checksum,
+                 metasize, warnsize, maxsize);
+    }
+
+  /* Write the metadata to a temporary file */
+  g_auto(OtTmpfile) tmpf = { 0, };
+  if (!ot_open_tmpfile_linkable_at (self->tmp_dir_fd, ".", O_WRONLY|O_CLOEXEC,
+                                    &tmpf, error))
+    return FALSE;
+  if (!ot_fallocate (tmpf.fd, len, error))
+    return FALSE;
+  if (glnx_loop_write (tmpf.fd, bufp, len) < 0)
+    return glnx_throw_errno_prefix (error, "write()");
+  if (fchmod (tmpf.fd, 0644) < 0)
+    return glnx_throw_errno_prefix (error, "fchmod");
+
+  /* And commit it into place */
+  if (!_ostree_repo_commit_loose_final (self, actual_checksum, objtype,
+                                        self->tmp_dir_fd, tmpf.fd, tmpf.path,
+                                        cancellable, error))
+    return FALSE;
+  /* The temp path was consumed */
+  g_clear_pointer (&tmpf.path, g_free);
+
+  if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
+    {
+      GError *local_error = NULL;
+      /* If we are writing a commit, be sure there is no tombstone for it.
+         We may have deleted the commit and now we are trying to pull it again.  */
+      if (!ostree_repo_delete_object (self,
+                                      OSTREE_OBJECT_TYPE_TOMBSTONE_COMMIT,
+                                      actual_checksum,
+                                      cancellable,
+                                      &local_error))
+        {
+          if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
+            g_clear_error (&local_error);
+          else
+            {
+              g_propagate_error (error, local_error);
+              return FALSE;
+            }
+        }
+    }
+
+  /* Update the stats, note we both wrote one and add to total */
+  g_mutex_lock (&self->txn_stats_lock);
+  self->txn_stats.metadata_objects_written++;
+  self->txn_stats.metadata_objects_total++;
+  g_mutex_unlock (&self->txn_stats_lock);
+
+  if (out_csum)
+    *out_csum = ostree_checksum_to_bytes (actual_checksum);
+  return TRUE;
 }
 
 static gboolean
@@ -1141,7 +1167,9 @@ rename_pending_loose_objects (OstreeRepo        *self,
   while (TRUE)
     {
       struct dirent *dent;
+      gboolean renamed_some_object = FALSE;
       g_auto(GLnxDirFdIterator) child_dfd_iter = { 0, };
+      char loose_objpath[_OSTREE_LOOSE_PATH_MAX];
 
       if (!glnx_dirfd_iterator_next_dent_ensure_dtype (&dfd_iter, &dent, cancellable, error))
         return FALSE;
@@ -1159,21 +1187,20 @@ rename_pending_loose_objects (OstreeRepo        *self,
                                         &child_dfd_iter, error))
         return FALSE;
 
+      loose_objpath[0] = dent->d_name[0];
+      loose_objpath[1] = dent->d_name[1];
+      loose_objpath[2] = '/';
+
       /* Iterate over inner checksum dir */
       while (TRUE)
         {
           struct dirent *child_dent;
-          char loose_objpath[_OSTREE_LOOSE_PATH_MAX];
 
           if (!glnx_dirfd_iterator_next_dent (&child_dfd_iter, &child_dent, cancellable, error))
             return FALSE;
           if (child_dent == NULL)
             break;
 
-          loose_objpath[0] = dent->d_name[0];
-          loose_objpath[1] = dent->d_name[1];
-          loose_objpath[2] = '/';
-
           g_strlcpy (loose_objpath + 3, child_dent->d_name, sizeof (loose_objpath)-3);
 
           if (!_ostree_repo_ensure_loose_objdir_at (self->objects_dir_fd, loose_objpath,
@@ -1183,9 +1210,34 @@ rename_pending_loose_objects (OstreeRepo        *self,
           if (G_UNLIKELY (renameat (child_dfd_iter.fd, loose_objpath + 3,
                                     self->objects_dir_fd, loose_objpath) < 0))
             return glnx_throw_errno (error);
+
+          renamed_some_object = TRUE;
+        }
+
+      if (renamed_some_object)
+        {
+          /* Ensure that in the case of a power cut all the directory metadata that
+             we want has reached the disk. In particular, we want this before we
+             update the refs to point to these objects. */
+          glnx_fd_close int target_dir_fd = -1;
+
+          loose_objpath[2] = 0;
+
+          if (!glnx_opendirat (self->objects_dir_fd,
+                               loose_objpath, FALSE,
+                               &target_dir_fd,
+                               error))
+            return FALSE;
+
+          if (fsync (target_dir_fd) == -1)
+            return glnx_throw_errno_prefix (error, "fsync");
         }
     }
 
+  /* In case we created any loose object subdirs, make sure they are on disk */
+  if (fsync (self->objects_dir_fd) == -1)
+    return glnx_throw_errno_prefix (error, "fsync");
+
   if (!glnx_shutil_rm_rf_at (self->tmp_dir_fd, self->commit_stagedir_name,
                              cancellable, error))
     return FALSE;
@@ -1481,6 +1533,25 @@ ostree_repo_abort_transaction (OstreeRepo     *self,
   return TRUE;
 }
 
+/* These limits were introduced since in some cases we may be processing
+ * malicious metadata, and we want to make disk space exhaustion attacks harder.
+ */
+static gboolean
+metadata_size_valid (OstreeObjectType objtype,
+                     gsize len,
+                     GError **error)
+{
+  if (G_UNLIKELY (len > OSTREE_MAX_METADATA_SIZE))
+    {
+      g_autofree char *input_bytes = g_format_size (len);
+      g_autofree char *max_bytes = g_format_size (OSTREE_MAX_METADATA_SIZE);
+      return glnx_throw (error, "Metadata object of type '%s' is %s; maximum metadata size is %s",
+                         ostree_object_type_to_string (objtype), input_bytes, max_bytes);
+    }
+
+  return TRUE;
+}
+
 /**
  * ostree_repo_write_metadata:
  * @self: Repo
@@ -1507,23 +1578,38 @@ ostree_repo_write_metadata (OstreeRepo         *self,
                             GError            **error)
 {
   g_autoptr(GVariant) normalized = NULL;
-
-  normalized = g_variant_get_normal_form (object);
-
-  if (G_UNLIKELY (g_variant_get_size (normalized) > OSTREE_MAX_METADATA_SIZE))
+  /* First, if we have an expected checksum, see if we already have this
+   * object.  This mirrors the same logic in ostree_repo_write_content().
+   */
+  if (expected_checksum)
     {
-      g_autofree char *input_bytes = g_format_size (g_variant_get_size (normalized));
-      g_autofree char *max_bytes = g_format_size (OSTREE_MAX_METADATA_SIZE);
-      return glnx_throw (error, "Metadata object of type '%s' is %s; maximum metadata size is %s",
-                         ostree_object_type_to_string (objtype), input_bytes, max_bytes);
+      gboolean have_obj;
+      if (!_ostree_repo_has_loose_object (self, expected_checksum, objtype, &have_obj,
+                                          cancellable, error))
+        return FALSE;
+      if (have_obj)
+        {
+          if (out_csum)
+            *out_csum = ostree_checksum_to_bytes (expected_checksum);
+          return TRUE;
+        }
+      /* If the caller is giving us an expected checksum, the object really has
+       * to be normalized already.  Otherwise, how would they know the checksum?
+       * There's no sense in redoing it.
+       */
+      normalized = g_variant_ref (object);
+    }
+  else
+    {
+      normalized = g_variant_get_normal_form (object);
     }
 
-  g_autoptr(GInputStream) input = ot_variant_read (normalized);
+  if (!metadata_size_valid (objtype, g_variant_get_size (normalized), error))
+    return FALSE;
 
-  if (!write_object (self, objtype, expected_checksum,
-                     input, g_variant_get_size (normalized),
-                     out_csum,
-                     cancellable, error))
+  g_autoptr(GBytes) vdata = g_variant_get_data_as_bytes (normalized);
+  if (!write_metadata_object (self, objtype, expected_checksum,
+                              vdata, out_csum, cancellable, error))
     return FALSE;
 
   return TRUE;
@@ -1551,8 +1637,22 @@ ostree_repo_write_metadata_stream_trusted (OstreeRepo        *self,
                                            GCancellable      *cancellable,
                                            GError           **error)
 {
-  return write_object (self, objtype, checksum, object_input, length, NULL,
-                       cancellable, error);
+  if (length > 0 && !metadata_size_valid (objtype, length, error))
+    return FALSE;
+
+  /* This is all pretty ridiculous, but we're keeping this API for backwards
+   * compatibility, it doesn't really need to be fast.
+   */
+  g_autoptr(GMemoryOutputStream) tmpbuf = (GMemoryOutputStream*)g_memory_output_stream_new_resizable ();
+  if (g_output_stream_splice ((GOutputStream*)tmpbuf, object_input,
+                              G_OUTPUT_STREAM_SPLICE_CLOSE_TARGET, cancellable, error) < 0)
+    return FALSE;
+  g_autoptr(GBytes) tmpb = g_memory_output_stream_steal_as_bytes (tmpbuf);
+
+  g_autoptr(GVariant) tmpv = g_variant_new_from_bytes (ostree_metadata_variant_type (objtype),
+                                                       tmpb, TRUE);
+  return ostree_repo_write_metadata_trusted (self, objtype, checksum, tmpv,
+                                             cancellable, error);
 }
 
 /**
@@ -1575,16 +1675,9 @@ ostree_repo_write_metadata_trusted (OstreeRepo         *self,
                                     GCancellable       *cancellable,
                                     GError            **error)
 {
-  g_autoptr(GInputStream) input = NULL;
-  g_autoptr(GVariant) normalized = NULL;
-
-  normalized = g_variant_get_normal_form (variant);
-  input = ot_variant_read (normalized);
-
-  return write_object (self, type, checksum,
-                       input, g_variant_get_size (normalized),
-                       NULL,
-                       cancellable, error);
+  return ostree_repo_write_metadata (self, type,
+                                     checksum, variant, NULL,
+                                     cancellable, error);
 }
 
 typedef struct {
@@ -1731,9 +1824,8 @@ ostree_repo_write_content_trusted (OstreeRepo       *self,
                                    GCancellable     *cancellable,
                                    GError          **error)
 {
-  return write_object (self, OSTREE_OBJECT_TYPE_FILE, checksum,
-                       object_input, length, NULL,
-                       cancellable, error);
+  return ostree_repo_write_content (self, checksum, object_input, length,
+                                    NULL, cancellable, error);
 }
 
 /**
@@ -1759,9 +1851,27 @@ ostree_repo_write_content (OstreeRepo       *self,
                            GCancellable     *cancellable,
                            GError          **error)
 {
-  return write_object (self, OSTREE_OBJECT_TYPE_FILE, expected_checksum,
-                       object_input, length, out_csum,
-                       cancellable, error);
+  /* First, if we have an expected checksum, see if we already have this
+   * object.  This mirrors the same logic in ostree_repo_write_metadata().
+   */
+  if (expected_checksum)
+    {
+      gboolean have_obj;
+      if (!_ostree_repo_has_loose_object (self, expected_checksum,
+                                          OSTREE_OBJECT_TYPE_FILE, &have_obj,
+                                          cancellable, error))
+        return FALSE;
+      if (have_obj)
+        {
+          if (out_csum)
+            *out_csum = ostree_checksum_to_bytes (expected_checksum);
+          return TRUE;
+        }
+    }
+
+  return write_content_object (self, expected_checksum,
+                               object_input, length, out_csum,
+                               cancellable, error);
 }
 
 typedef struct {
@@ -2185,11 +2295,23 @@ _ostree_repo_commit_modifier_apply (OstreeRepo               *self,
 
   if ((modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS) != 0)
     {
-
-      if (g_file_info_get_file_type (file_info) == G_FILE_TYPE_REGULAR)
+      guint mode = g_file_info_get_attribute_uint32 (modified_info, "unix::mode");
+      switch (g_file_info_get_file_type (file_info))
         {
-          guint current_mode = g_file_info_get_attribute_uint32 (modified_info, "unix::mode");
-          g_file_info_set_attribute_uint32 (modified_info, "unix::mode", current_mode | 0744);
+        case G_FILE_TYPE_REGULAR:
+          /* In particular, we want to squash the s{ug}id bits, but this also
+           * catches the sticky bit for example.
+           */
+          g_file_info_set_attribute_uint32 (modified_info, "unix::mode", mode & (S_IFREG | 0755));
+          break;
+        case G_FILE_TYPE_DIRECTORY:
+          /* Like the above but for directories */
+          g_file_info_set_attribute_uint32 (modified_info, "unix::mode", mode & (S_IFDIR | 0755));
+          break;
+        case G_FILE_TYPE_SYMBOLIC_LINK:
+          break;
+        default:
+          g_assert_not_reached ();
         }
       g_file_info_set_attribute_uint32 (modified_info, "unix::uid", 0);
       g_file_info_set_attribute_uint32 (modified_info, "unix::gid", 0);
diff --git a/src/libostree/ostree-repo-file.c b/src/libostree/ostree-repo-file.c
index a88e5363..fcc435a8 100644
--- a/src/libostree/ostree-repo-file.c
+++ b/src/libostree/ostree-repo-file.c
@@ -148,7 +148,6 @@ _ostree_repo_file_new_for_commit (OstreeRepo  *repo,
                                   const char  *commit,
                                   GError     **error)
 {
-  OstreeRepoFile *ret = NULL;
   g_autoptr(GVariant) commit_v = NULL;
   g_autoptr(GVariant) tree_contents_csum_v = NULL;
   g_autoptr(GVariant) tree_metadata_csum_v = NULL;
@@ -161,7 +160,7 @@ _ostree_repo_file_new_for_commit (OstreeRepo  *repo,
 
   if (!ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_COMMIT,
                                  commit, &commit_v, error))
-    goto out;
+    return NULL;
 
   /* PARSE OSTREE_OBJECT_TYPE_COMMIT */
   g_variant_get_child (commit_v, 6, "@ay", &tree_contents_csum_v);
@@ -172,17 +171,13 @@ _ostree_repo_file_new_for_commit (OstreeRepo  *repo,
   ostree_checksum_inplace_from_bytes (g_variant_get_data (tree_metadata_csum_v),
                                       tree_metadata_csum);
 
-  ret = _ostree_repo_file_new_root (repo, tree_contents_csum, tree_metadata_csum);
-
- out:
-  return ret;
+  return _ostree_repo_file_new_root (repo, tree_contents_csum, tree_metadata_csum);
 }
 
 static gboolean
 do_resolve (OstreeRepoFile  *self,
             GError         **error)
 {
-  gboolean ret = FALSE;
   g_autoptr(GVariant) root_contents = NULL;
   g_autoptr(GVariant) root_metadata = NULL;
 
@@ -190,27 +185,24 @@ do_resolve (OstreeRepoFile  *self,
 
   if (!ostree_repo_load_variant (self->repo, OSTREE_OBJECT_TYPE_DIR_TREE,
                                  self->tree_contents_checksum, &root_contents, error))
-    goto out;
+    return FALSE;
 
   if (!ostree_repo_load_variant (self->repo, OSTREE_OBJECT_TYPE_DIR_META,
                                  self->tree_metadata_checksum, &root_metadata, error))
-    goto out;
-  
+    return FALSE;
+
   self->tree_metadata = root_metadata;
   root_metadata = NULL;
   self->tree_contents = root_contents;
   root_contents = NULL;
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 static gboolean
 do_resolve_nonroot (OstreeRepoFile     *self,
                     GError            **error)
 {
-  gboolean ret = FALSE;
   gboolean is_dir;
   int i;
   g_autoptr(GVariant) container = NULL;
@@ -221,13 +213,13 @@ do_resolve_nonroot (OstreeRepoFile     *self,
   g_autofree char *tmp_checksum = NULL;
 
   if (!ostree_repo_file_ensure_resolved (self->parent, error))
-    goto out;
+    return FALSE;
 
   if (!self->parent->tree_contents)
     {
       g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_DIRECTORY,
                    "Not a directory");
-      goto out;
+      return FALSE;
     }
 
   i = ostree_repo_file_tree_find_child (self->parent, self->name, &is_dir, &container);
@@ -235,7 +227,7 @@ do_resolve_nonroot (OstreeRepoFile     *self,
   if (i < 0)
     {
       set_error_noent ((GFile*)self, error);
-      goto out;
+      return FALSE;
     }
 
   if (is_dir)
@@ -255,14 +247,14 @@ do_resolve_nonroot (OstreeRepoFile     *self,
       if (!ostree_repo_load_variant (self->repo, OSTREE_OBJECT_TYPE_DIR_TREE,
                                      tmp_checksum, &tree_contents,
                                      error))
-        goto out;
+        return FALSE;
 
       g_free (tmp_checksum);
       tmp_checksum = ostree_checksum_from_bytes_v (metadata_csum_v);
       if (!ostree_repo_load_variant (self->repo, OSTREE_OBJECT_TYPE_DIR_META,
                                      tmp_checksum, &tree_metadata,
                                      error))
-        goto out;
+        return FALSE;
 
       self->tree_contents = tree_contents;
       tree_contents = NULL;
@@ -274,35 +266,29 @@ do_resolve_nonroot (OstreeRepoFile     *self,
   else
     self->index = i;
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 gboolean
 ostree_repo_file_ensure_resolved (OstreeRepoFile  *self,
                                    GError         **error)
 {
-  gboolean ret = FALSE;
-
   if (self->parent == NULL)
     {
       if (self->tree_contents == NULL)
         if (!do_resolve (self, error))
-          goto out;
+          return FALSE;
     }
   else
     {
       if (self->index == -1)
         {
           if (!do_resolve_nonroot (self, error))
-            goto out;
+            return FALSE;
         }
     }
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 gboolean
@@ -311,25 +297,21 @@ ostree_repo_file_get_xattrs (OstreeRepoFile  *self,
                              GCancellable    *cancellable,
                              GError         **error)
 {
-  gboolean ret = FALSE;
-  g_autoptr(GVariant) ret_xattrs = NULL;
-
   if (!ostree_repo_file_ensure_resolved (self, error))
-    goto out;
+    return FALSE;
 
+  g_autoptr(GVariant) ret_xattrs = NULL;
   if (self->tree_metadata)
     ret_xattrs = g_variant_get_child_value (self->tree_metadata, 3);
-  else 
+  else
     {
       if (!ostree_repo_load_file (self->repo, ostree_repo_file_get_checksum (self),
                                   NULL, NULL, &ret_xattrs, cancellable, error))
-        goto out;
+        return FALSE;
     }
 
-  ret = TRUE;
   ot_transfer_out_value(out_xattrs, &ret_xattrs);
- out:
-  return ret;
+  return TRUE;
 }
 
 GVariant *
@@ -721,28 +703,24 @@ query_child_info_dir (OstreeRepo               *repo,
                       GCancellable             *cancellable,
                       GError                  **error)
 {
-  gboolean ret = FALSE;
-  g_autoptr(GFileInfo) ret_info = NULL;
-  g_autoptr(GVariant) metadata = NULL;
 
-  ret_info = g_file_info_new ();
+  g_autoptr(GFileInfo) ret_info = g_file_info_new ();
 
   g_file_info_set_attribute_uint32 (ret_info, "standard::type",
                                     G_FILE_TYPE_DIRECTORY);
-  
+
   if (g_file_attribute_matcher_matches (matcher, "unix::mode"))
     {
+      g_autoptr(GVariant) metadata = NULL;
       if (!ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_DIR_META,
                                      metadata_checksum, &metadata, error))
-        goto out;
+        return FALSE;
 
       set_info_from_dirmeta (ret_info, metadata);
     }
-  
-  ret = TRUE;
+
   ot_transfer_out_value(out_info, &ret_info);
- out:
-  return ret;
+  return TRUE;
 }
 
 int
@@ -890,12 +868,11 @@ ostree_repo_file_query_info (GFile                *file,
 			     GCancellable         *cancellable,
 			     GError              **error)
 {
-  gboolean ret = FALSE;
   OstreeRepoFile *self = OSTREE_REPO_FILE (file);
   g_autoptr(GFileInfo) info = NULL;
 
   if (!ostree_repo_file_ensure_resolved (self, error))
-    goto out;
+    return NULL;
 
   if (!self->parent)
     {
@@ -904,20 +881,14 @@ ostree_repo_file_query_info (GFile                *file,
     }
   else
     {
-      if (!ostree_repo_file_tree_query_child (self->parent, self->index, 
-                                               attributes, flags, 
+      if (!ostree_repo_file_tree_query_child (self->parent, self->index,
+                                               attributes, flags,
                                                &info, cancellable, error))
-        goto out;
+        return NULL;
       g_assert (info != NULL);
     }
-      
-  ret = TRUE;
- out:
-  if (!ret)
-    g_clear_object (&info);
-  else
-    g_object_ref (info);
-  return info;
+
+  return g_steal_pointer (&info);
 }
 
 static GFileAttributeInfoList *
@@ -938,38 +909,44 @@ ostree_repo_file_query_writable_namespaces (GFile         *file,
 
 static GFileInputStream *
 ostree_repo_file_read (GFile         *file,
-		       GCancellable  *cancellable,
-		       GError       **error)
+                       GCancellable  *cancellable,
+                       GError       **error)
 {
-  gboolean ret = FALSE;
   OstreeRepoFile *self = OSTREE_REPO_FILE (file);
   const char *checksum;
   g_autoptr(GInputStream) ret_stream = NULL;
 
   if (!ostree_repo_file_ensure_resolved (self, error))
-    goto out;
+    return FALSE;
 
   if (self->tree_contents)
     {
-      g_set_error_literal (error, G_IO_ERROR,
-			   G_IO_ERROR_IS_DIRECTORY,
-			   "Can't open directory");
-      goto out;
+      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_IS_DIRECTORY,
+                           "Can't open directory");
+      return NULL;
     }
 
   checksum = ostree_repo_file_get_checksum (self);
 
-  if (!ostree_repo_load_file (self->repo, checksum, &ret_stream,
-                              NULL, NULL, cancellable, error))
-    goto out;
-  
-  ret = TRUE;
- out:
-  if (!ret)
-    g_clear_object (&ret_stream);
+  g_autoptr(GFileInfo) finfo = NULL;
+  if (!ostree_repo_load_file (self->repo, checksum, NULL,
+                              &finfo, NULL, cancellable, error))
+    return NULL;
+  if (g_file_info_get_file_type (finfo) == G_FILE_TYPE_REGULAR)
+    {
+      if (!ostree_repo_load_file (self->repo, checksum, &ret_stream,
+                                  NULL, NULL, cancellable, error))
+        return NULL;
+    }
   else
-    g_object_ref (ret_stream);
-  return (GFileInputStream*)ret_stream;
+    {
+      g_autoptr(GFile) parent = g_file_get_parent (file);
+      const char *target = g_file_info_get_symlink_target (finfo);
+      g_autoptr(GFile) dest = g_file_resolve_relative_path (parent, target);
+      return g_file_read (dest, cancellable, error);
+    }
+
+  return g_steal_pointer (&ret_stream);
 }
 
 static void
diff --git a/src/libostree/ostree-repo-libarchive.c b/src/libostree/ostree-repo-libarchive.c
index 01982894..02f1364e 100644
--- a/src/libostree/ostree-repo-libarchive.c
+++ b/src/libostree/ostree-repo-libarchive.c
@@ -640,9 +640,8 @@ aic_handle_entry (OstreeRepoArchiveImportContext *ctx,
         return TRUE;
       else
         {
-          g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                       "Unsupported file type for path \"%s\"", path);
-          return FALSE;
+          return glnx_throw (error, "Unsupported file type for path \"%s\"",
+                            path);
         }
     }
 }
diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h
index 2a518d4f..6cbf9ebe 100644
--- a/src/libostree/ostree-repo-private.h
+++ b/src/libostree/ostree-repo-private.h
@@ -106,6 +106,7 @@ struct OstreeRepo {
 
   gboolean inited;
   gboolean writable;
+  gboolean is_system; /* Was this repo created via ostree_sysroot_get_repo() ? */
   GError *writable_error;
   gboolean in_transaction;
   gboolean disable_fsync;
@@ -115,6 +116,7 @@ struct OstreeRepo {
   GHashTable *updated_uncompressed_dirs;
   GHashTable *object_sizes;
 
+  uid_t owner_uid;
   uid_t target_owner_uid;
   gid_t target_owner_gid;
 
@@ -318,28 +320,6 @@ _ostree_repo_commit_trusted_content_bare (OstreeRepo          *self,
                                           GCancellable        *cancellable,
                                           GError             **error);
 
-gboolean
-_ostree_repo_open_untrusted_content_bare (OstreeRepo          *self,
-                                          const char          *expected_checksum,
-                                          guint64              content_len,
-                                          OstreeRepoContentBareCommit *out_state,
-                                          GOutputStream      **out_stream,
-                                          gboolean            *out_have_object,
-                                          GCancellable        *cancellable,
-                                          GError             **error);
-
-gboolean
-_ostree_repo_commit_untrusted_content_bare (OstreeRepo          *self,
-                                            const char          *expected_checksum,
-                                            OstreeRepoContentBareCommit *state,
-                                            guint32              uid,
-                                            guint32              gid,
-                                            guint32              mode,
-                                            GVariant            *xattrs,
-                                            GCancellable        *cancellable,
-                                            GError             **error);
-
-
 gboolean
 _ostree_repo_read_bare_fd (OstreeRepo           *self,
                            const char           *checksum,
@@ -351,9 +331,12 @@ gboolean
 _ostree_repo_update_mtime (OstreeRepo        *self,
                            GError           **error);
 
-void
+gboolean
 _ostree_repo_add_remote (OstreeRepo   *self,
                          OstreeRemote *remote);
+gboolean
+_ostree_repo_remove_remote (OstreeRepo   *self,
+                            OstreeRemote *remote);
 OstreeRemote *
 _ostree_repo_get_remote (OstreeRepo  *self,
                          const char  *name,
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index f1dae995..2c87fd60 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -80,6 +80,7 @@ typedef struct {
   GHashTable       *expected_commit_sizes; /* Maps commit checksum to known size */
   GHashTable       *commit_to_depth; /* Maps commit checksum maximum depth */
   GHashTable       *scanned_metadata; /* Maps object name to itself */
+  GHashTable       *fetched_detached_metadata; /* Set */
   GHashTable       *requested_metadata; /* Maps object name to itself */
   GHashTable       *requested_content; /* Maps checksum to itself */
   GHashTable       *requested_fallback_content; /* Maps checksum to itself */
@@ -110,6 +111,7 @@ typedef struct {
   gboolean          is_mirror;
   gboolean          is_commit_only;
   gboolean          is_untrusted;
+  gboolean          is_bareuseronly_files;
 
   GPtrArray        *dirs;
 
@@ -151,7 +153,7 @@ typedef struct {
   guchar csum[OSTREE_SHA256_DIGEST_LEN];
   char *path;
   OstreeObjectType objtype;
-  guint recursion_depth;
+  guint recursion_depth; /* NB: not used anymore, though might be nice to print */
 } ScanObjectQueueData;
 
 static void start_fetch (OtPullData *pull_data, FetchObjectData *fetch);
@@ -555,6 +557,94 @@ pull_matches_subdir (OtPullData *pull_data,
   return FALSE;
 }
 
+/* This bit mirrors similar code in commit_loose_content_object() for the
+ * bare-user-only mode. It's opt-in though for all pulls.
+ */
+static gboolean
+validate_bareuseronly_mode (OtPullData *pull_data,
+                            const char *checksum,
+                            guint32     content_mode,
+                            GError    **error)
+{
+  if (!pull_data->is_bareuseronly_files)
+    return TRUE;
+
+  if (S_ISREG (content_mode))
+    {
+      const guint32 invalid_modebits = ((content_mode & ~S_IFMT) & ~0775);
+      if (invalid_modebits > 0)
+        return glnx_throw (error, "object %s.file: invalid mode 0%04o with bits 0%04o",
+                           checksum, content_mode, invalid_modebits);
+    }
+  else if (S_ISLNK (content_mode))
+    ; /* Nothing */
+  else
+    g_assert_not_reached ();
+
+  return TRUE;
+}
+
+/* Import a single content object in the case where
+ * we have pull_data->remote_repo_local.
+ *
+ * One important special case here is handling the
+ * OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES flag.
+ */
+static gboolean
+import_one_local_content_object (OtPullData *pull_data,
+                                 const char *checksum,
+                                 GCancellable *cancellable,
+                                 GError    **error)
+{
+  g_assert (pull_data->remote_repo_local);
+
+  const gboolean trusted = !pull_data->is_untrusted;
+  if (trusted && !pull_data->is_bareuseronly_files)
+    {
+      if (!ostree_repo_import_object_from_with_trust (pull_data->repo, pull_data->remote_repo_local,
+                                                      OSTREE_OBJECT_TYPE_FILE, checksum,
+                                                      trusted,
+                                                      cancellable, error))
+        return FALSE;
+    }
+  else
+    {
+      /* In this case we either need to validate the checksum
+       * or the file mode.
+       */
+      g_autoptr(GInputStream) content_input = NULL;
+      g_autoptr(GFileInfo) content_finfo = NULL;
+      g_autoptr(GVariant) content_xattrs = NULL;
+
+      if (!ostree_repo_load_file (pull_data->remote_repo_local, checksum,
+                                  &content_input, &content_finfo, &content_xattrs,
+                                  cancellable, error))
+        return FALSE;
+
+      if (!validate_bareuseronly_mode (pull_data, checksum,
+                                       g_file_info_get_attribute_uint32 (content_finfo, "unix::mode"),
+                                       error))
+        return FALSE;
+
+      /* Now that we've potentially validated it, convert to object stream */
+      guint64 length;
+      g_autoptr(GInputStream) object_stream = NULL;
+      if (!ostree_raw_file_to_content_stream (content_input, content_finfo,
+                                              content_xattrs, &object_stream,
+                                              &length, cancellable, error))
+        return FALSE;
+
+      g_autofree guchar *real_csum = NULL;
+      if (!ostree_repo_write_content (pull_data->repo, checksum,
+                                      object_stream, length,
+                                      &real_csum,
+                                      cancellable, error))
+        return FALSE;
+    }
+
+  return TRUE;
+}
+
 static gboolean
 scan_dirtree_object (OtPullData   *pull_data,
                      const char   *checksum,
@@ -563,9 +653,6 @@ scan_dirtree_object (OtPullData   *pull_data,
                      GCancellable *cancellable,
                      GError      **error)
 {
-  if (recursion_depth > OSTREE_MAX_RECURSION)
-    return glnx_throw (error, "Exceeded maximum recursion");
-
   g_autoptr(GVariant) tree = NULL;
   if (!ostree_repo_load_variant (pull_data->repo, OSTREE_OBJECT_TYPE_DIR_TREE, checksum,
                                  &tree, error))
@@ -597,15 +684,19 @@ scan_dirtree_object (OtPullData   *pull_data,
                                    &file_is_stored, cancellable, error))
         return FALSE;
 
-      if (!file_is_stored && pull_data->remote_repo_local)
+      /* If we already have this object, move on to the next */
+      if (file_is_stored)
+        continue;
+
+      /* Is this a local repo? */
+      if (pull_data->remote_repo_local)
         {
-          if (!ostree_repo_import_object_from_with_trust (pull_data->repo, pull_data->remote_repo_local,
-                                                          OSTREE_OBJECT_TYPE_FILE, file_checksum, !pull_data->is_untrusted,
-                                                          cancellable, error))
+          if (!import_one_local_content_object (pull_data, file_checksum, cancellable, error))
             return FALSE;
         }
-      else if (!file_is_stored && !g_hash_table_lookup (pull_data->requested_content, file_checksum))
+      else if (!g_hash_table_lookup (pull_data->requested_content, file_checksum))
         {
+          /* In this case we're doing HTTP pulls */
           g_hash_table_add (pull_data->requested_content, file_checksum);
           enqueue_one_object_request (pull_data, file_checksum, OSTREE_OBJECT_TYPE_FILE, path, FALSE, FALSE);
           file_checksum = NULL;  /* Transfer ownership */
@@ -780,7 +871,12 @@ content_fetch_on_complete (GObject        *object,
   checksum_obj = ostree_object_to_string (checksum, objtype);
   g_debug ("fetch of %s complete", checksum_obj);
 
-  if (pull_data->is_mirror && pull_data->repo->mode == OSTREE_REPO_MODE_ARCHIVE_Z2)
+  /* If we're mirroring and writing into an archive repo, we can directly copy
+   * the content rather than paying the cost of exploding it, checksumming, and
+   * re-gzip.
+   */
+  if (pull_data->is_mirror && pull_data->repo->mode == OSTREE_REPO_MODE_ARCHIVE_Z2
+      && !pull_data->is_bareuseronly_files)
     {
       gboolean have_object;
       if (!ostree_repo_has_object (pull_data->repo, OSTREE_OBJECT_TYPE_FILE, checksum,
@@ -812,16 +908,22 @@ content_fetch_on_complete (GObject        *object,
         }
 
       /* Also, delete it now that we've opened it, we'll hold
-       * a reference to the fd.  If we fail to write later, then
+       * a reference to the fd.  If we fail to validate or write, then
        * the temp space will be cleaned up.
        */
       (void) unlinkat (_ostree_fetcher_get_dfd (fetcher), temp_path, 0);
 
+      if (!validate_bareuseronly_mode (pull_data,
+                                       checksum,
+                                       g_file_info_get_attribute_uint32 (file_info, "unix::mode"),
+                                       error))
+        goto out;
+
       if (!ostree_raw_file_to_content_stream (file_in, file_info, xattrs,
                                               &object_input, &length,
                                               cancellable, error))
         goto out;
-  
+
       pull_data->n_outstanding_content_write_requests++;
       ostree_repo_write_content_async (pull_data->repo, checksum,
                                        object_input, length,
@@ -912,8 +1014,15 @@ meta_fetch_on_complete (GObject           *object,
             {
               /* There isn't any detached metadata, just fetch the commit */
               g_clear_error (&local_error);
+
+              /* Now that we've at least tried to fetch it, we can proceed to
+               * scan/fetch the commit object */
+              g_hash_table_add (pull_data->fetched_detached_metadata, g_strdup (checksum));
+
               if (!fetch_data->object_is_stored)
                 enqueue_one_object_request (pull_data, checksum, objtype, fetch_data->path, FALSE, FALSE);
+              else
+                queue_scan_one_metadata_object (pull_data, checksum, objtype, fetch_data->path, 0);
             }
 
           /* When traversing parents, do not fail on a missing commit.
@@ -960,8 +1069,12 @@ meta_fetch_on_complete (GObject           *object,
                                                        pull_data->cancellable, error))
         goto out;
 
+      g_hash_table_add (pull_data->fetched_detached_metadata, g_strdup (checksum));
+
       if (!fetch_data->object_is_stored)
         enqueue_one_object_request (pull_data, checksum, objtype, fetch_data->path, FALSE, FALSE);
+      else
+        queue_scan_one_metadata_object (pull_data, checksum, objtype, fetch_data->path, 0);
     }
   else
     {
@@ -977,7 +1090,7 @@ meta_fetch_on_complete (GObject           *object,
           if (!write_commitpartial_for (pull_data, checksum, error))
             goto out;
         }
-      
+
       ostree_repo_write_metadata_async (pull_data->repo, objtype, checksum, metadata,
                                         pull_data->cancellable,
                                         on_metadata_written, fetch_data);
@@ -1176,13 +1289,6 @@ scan_commit_object (OtPullData         *pull_data,
   gint depth;
   gboolean is_partial;
 
-  if (recursion_depth > OSTREE_MAX_RECURSION)
-    {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Exceeded maximum recursion");
-      goto out;
-    }
-
   if (g_hash_table_lookup_extended (pull_data->commit_to_depth, checksum,
                                     NULL, &depthp))
     {
@@ -1377,15 +1483,20 @@ scan_one_metadata_object_c (OtPullData         *pull_data,
     }
   else if (is_stored && objtype == OSTREE_OBJECT_TYPE_COMMIT)
     {
-      /* For commits, always refetch detached metadata. */
-      enqueue_one_object_request (pull_data, tmp_checksum, objtype, path, TRUE, TRUE);
+      /* Even though we already have the commit, we always try to (re)fetch the
+       * detached metadata before scanning it, in case new signatures appear.
+       * https://github.com/projectatomic/rpm-ostree/issues/630 */
+      if (!g_hash_table_contains (pull_data->fetched_detached_metadata, tmp_checksum))
+        enqueue_one_object_request (pull_data, tmp_checksum, objtype, path, TRUE, TRUE);
+      else
+        {
+          if (!scan_commit_object (pull_data, tmp_checksum, recursion_depth,
+                                   pull_data->cancellable, error))
+            goto out;
 
-      if (!scan_commit_object (pull_data, tmp_checksum, recursion_depth,
-                               pull_data->cancellable, error))
-        goto out;
-
-      g_hash_table_add (pull_data->scanned_metadata, g_variant_ref (object));
-      pull_data->n_scanned_metadata++;
+          g_hash_table_add (pull_data->scanned_metadata, g_variant_ref (object));
+          pull_data->n_scanned_metadata++;
+        }
     }
   else if (is_stored && objtype == OSTREE_OBJECT_TYPE_DIR_TREE)
     {
@@ -2144,6 +2255,7 @@ _ostree_repo_cache_summary (OstreeRepo        *self,
 static OstreeFetcher *
 _ostree_repo_remote_new_fetcher (OstreeRepo  *self,
                                  const char  *remote_name,
+                                 gboolean     gzip,
                                  GError     **error)
 {
   OstreeFetcher *fetcher = NULL;
@@ -2162,6 +2274,9 @@ _ostree_repo_remote_new_fetcher (OstreeRepo  *self,
   if (tls_permissive)
     fetcher_flags |= OSTREE_FETCHER_FLAGS_TLS_PERMISSIVE;
 
+  if (gzip)
+    fetcher_flags |= OSTREE_FETCHER_FLAGS_TRANSFER_GZIP;
+
   fetcher = _ostree_fetcher_new (self->tmp_dir_fd, remote_name, fetcher_flags);
 
   {
@@ -2419,7 +2534,7 @@ repo_remote_fetch_summary (OstreeRepo    *self,
   mainctx = g_main_context_new ();
   g_main_context_push_thread_default (mainctx);
 
-  fetcher = _ostree_repo_remote_new_fetcher (self, name, error);
+  fetcher = _ostree_repo_remote_new_fetcher (self, name, TRUE, error);
   if (fetcher == NULL)
     goto out;
 
@@ -2527,7 +2642,7 @@ static gboolean
 reinitialize_fetcher (OtPullData *pull_data, const char *remote_name, GError **error)
 {
   g_clear_object (&pull_data->fetcher);
-  pull_data->fetcher = _ostree_repo_remote_new_fetcher (pull_data->repo, remote_name, error);
+  pull_data->fetcher = _ostree_repo_remote_new_fetcher (pull_data->repo, remote_name, FALSE, error);
   if (pull_data->fetcher == NULL)
     return FALSE;
 
@@ -2679,7 +2794,7 @@ initiate_request (OtPullData *pull_data,
  *   * override-commit-ids (as): Array of specific commit IDs to fetch for refs
  *   * dry-run (b): Only print information on what will be downloaded (requires static deltas)
  *   * override-url (s): Fetch objects from this URL if remote specifies no metalink in options
- *   * inherit-transaction (b): Don't initiate, finish or abort a transaction, usefult to do multiple pulls in one transaction.
+ *   * inherit-transaction (b): Don't initiate, finish or abort a transaction, useful to do multiple pulls in one transaction.
  *   * http-headers (a(ss)): Additional headers to add to all HTTP requests
  *   * update-frequency (u): Frequency to call the async progress callback in milliseconds, if any; only values higher than 0 are valid
  */
@@ -2764,6 +2879,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
   pull_data->is_mirror = (flags & OSTREE_REPO_PULL_FLAGS_MIRROR) > 0;
   pull_data->is_commit_only = (flags & OSTREE_REPO_PULL_FLAGS_COMMIT_ONLY) > 0;
   pull_data->is_untrusted = (flags & OSTREE_REPO_PULL_FLAGS_UNTRUSTED) > 0;
+  pull_data->is_bareuseronly_files = (flags & OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES) > 0;
   pull_data->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
 
   if (error)
@@ -2787,6 +2903,8 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
                                                                (GDestroyNotify)g_free);
   pull_data->scanned_metadata = g_hash_table_new_full (ostree_hash_object_name, g_variant_equal,
                                                        (GDestroyNotify)g_variant_unref, NULL);
+  pull_data->fetched_detached_metadata = g_hash_table_new_full (g_str_hash, g_str_equal,
+                                                       (GDestroyNotify)g_free, NULL);
   pull_data->requested_content = g_hash_table_new_full (g_str_hash, g_str_equal,
                                                         (GDestroyNotify)g_free, NULL);
   pull_data->requested_fallback_content = g_hash_table_new_full (g_str_hash, g_str_equal,
@@ -3029,11 +3147,15 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
     }
   }
 
-  /* For local pulls, default to disabling static deltas so that the
-   * exact object files are copied.
-   */
-  if (pull_data->remote_repo_local && !pull_data->require_static_deltas)
-    pull_data->disable_static_deltas = TRUE;
+  if (pull_data->remote_repo_local)
+    {
+      /* For local pulls, default to disabling static deltas so that the
+       * exact object files are copied.
+       */
+      if (!pull_data->require_static_deltas)
+        pull_data->disable_static_deltas = TRUE;
+
+    }
 
   /* We can't use static deltas if pulling into an archive-z2 repo. */
   if (self->mode == OSTREE_REPO_MODE_ARCHIVE_Z2)
@@ -3161,8 +3283,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
     if (pull_data->summary)
       {
         refs = g_variant_get_child_value (pull_data->summary, 0);
-        n = g_variant_n_children (refs);
-        for (i = 0; i < n; i++)
+        for (i = 0, n = g_variant_n_children (refs); i < n; i++)
           {
             const char *refname;
             g_autoptr(GVariant) ref = g_variant_get_child_value (refs, i);
@@ -3229,7 +3350,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
               char *commitid = commitid_strviter ? g_strdup (*commitid_strviter) : NULL;
               g_hash_table_insert (requested_refs_to_fetch, g_strdup (branch), commitid);
             }
-          
+
           strviter++;
           if (commitid_strviter)
             commitid_strviter++;
@@ -3365,7 +3486,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
       ret = TRUE;
       goto out;
     }
-  
+
   g_assert_cmpint (pull_data->n_outstanding_metadata_fetches, ==, 0);
   g_assert_cmpint (pull_data->n_outstanding_metadata_write_requests, ==, 0);
   g_assert_cmpint (pull_data->n_outstanding_content_fetches, ==, 0);
@@ -3378,9 +3499,9 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
       const char *checksum = value;
       g_autofree char *remote_ref = NULL;
       g_autofree char *original_rev = NULL;
-          
+
       if (pull_data->remote_name)
-        remote_ref = g_strdup_printf ("%s/%s", pull_data->remote_name, ref);
+        remote_ref = g_strdup_printf ("%s:%s", pull_data->remote_name, ref);
       else
         remote_ref = g_strdup (ref);
 
@@ -3397,7 +3518,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
         }
     }
 
-  if (pull_data->is_mirror && pull_data->summary_data)
+  if (pull_data->is_mirror && pull_data->summary_data && !refs_to_fetch && !configured_branches)
     {
       GLnxFileReplaceFlags replaceflag =
         pull_data->repo->disable_fsync ? GLNX_FILE_REPLACE_NODATASYNC : 0;
@@ -3467,15 +3588,16 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
           if (!ot_ensure_unlinked_at (pull_data->repo->repo_dir_fd, commitpartial_path, 0))
             goto out;
         }
-        g_hash_table_iter_init (&hash_iter, commits_to_fetch);
-        while (g_hash_table_iter_next (&hash_iter, &key, &value))
-          {
-            const char *commit = value;
-            g_autofree char *commitpartial_path = _ostree_get_commitpartial_path (commit);
 
-            if (!ot_ensure_unlinked_at (pull_data->repo->repo_dir_fd, commitpartial_path, 0))
-              goto out;
-          }
+      g_hash_table_iter_init (&hash_iter, commits_to_fetch);
+      while (g_hash_table_iter_next (&hash_iter, &key, &value))
+        {
+          const char *commit = value;
+          g_autofree char *commitpartial_path = _ostree_get_commitpartial_path (commit);
+
+          if (!ot_ensure_unlinked_at (pull_data->repo->repo_dir_fd, commitpartial_path, 0))
+            goto out;
+        }
     }
 
   ret = TRUE;
@@ -3509,6 +3631,7 @@ ostree_repo_pull_with_options (OstreeRepo             *self,
   g_clear_pointer (&pull_data->commit_to_depth, (GDestroyNotify) g_hash_table_unref);
   g_clear_pointer (&pull_data->expected_commit_sizes, (GDestroyNotify) g_hash_table_unref);
   g_clear_pointer (&pull_data->scanned_metadata, (GDestroyNotify) g_hash_table_unref);
+  g_clear_pointer (&pull_data->fetched_detached_metadata, (GDestroyNotify) g_hash_table_unref);
   g_clear_pointer (&pull_data->summary_deltas_checksums, (GDestroyNotify) g_hash_table_unref);
   g_clear_pointer (&pull_data->requested_content, (GDestroyNotify) g_hash_table_unref);
   g_clear_pointer (&pull_data->requested_fallback_content, (GDestroyNotify) g_hash_table_unref);
diff --git a/src/libostree/ostree-repo-static-delta-core.c b/src/libostree/ostree-repo-static-delta-core.c
index 3a14f8bb..d83b7f0f 100644
--- a/src/libostree/ostree-repo-static-delta-core.c
+++ b/src/libostree/ostree-repo-static-delta-core.c
@@ -45,9 +45,8 @@ _ostree_static_delta_parse_checksum_array (GVariant      *array,
   if (G_UNLIKELY(n > (G_MAXUINT32/OSTREE_STATIC_DELTA_OBJTYPE_CSUM_LEN) ||
                  (n_checksums * OSTREE_STATIC_DELTA_OBJTYPE_CSUM_LEN) != n))
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Invalid checksum array length %" G_GSIZE_FORMAT, n);
-      return FALSE;
+      return glnx_throw (error,
+                        "Invalid checksum array length %" G_GSIZE_FORMAT, n);
     }
 
   *out_checksums_array = (gpointer)g_variant_get_data (array);
diff --git a/src/libostree/ostree-repo-static-delta-processing.c b/src/libostree/ostree-repo-static-delta-processing.c
index a71e070f..ea157e77 100644
--- a/src/libostree/ostree-repo-static-delta-processing.c
+++ b/src/libostree/ostree-repo-static-delta-processing.c
@@ -115,9 +115,7 @@ read_varuint64 (StaticDeltaExecutionState  *state,
   gsize bytes_read;
   if (!_ostree_read_varuint64 (state->opdata, state->oplen, out_value, &bytes_read))
     {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                           "Unexpected EOF reading varint");
-      return FALSE;
+      return glnx_throw (error, "%s", "Unexpected EOF reading varint");
     }
   state->opdata += bytes_read;
   state->oplen -= bytes_read;
@@ -692,7 +690,8 @@ dispatch_open (OstreeRepo                 *repo,
   if (!state->stats_only)
     {
       g_assert (repo->mode == OSTREE_REPO_MODE_BARE ||
-                repo->mode == OSTREE_REPO_MODE_BARE_USER);
+                repo->mode == OSTREE_REPO_MODE_BARE_USER ||
+                repo->mode == OSTREE_REPO_MODE_BARE_USER_ONLY);
     }
   
   if (!open_output_target (state, cancellable, error))
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
index 2ef64ec0..e556e464 100644
--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@@ -150,24 +150,28 @@ _ostree_repo_get_remote_inherited (OstreeRepo  *self,
   return g_steal_pointer (&remote);
 }
 
-void
+gboolean
 _ostree_repo_add_remote (OstreeRepo   *self,
                          OstreeRemote *remote)
 {
-  g_return_if_fail (self != NULL);
-  g_return_if_fail (remote != NULL);
-  g_return_if_fail (remote->name != NULL);
+  gboolean already_existed;
+
+  g_return_val_if_fail (self != NULL, FALSE);
+  g_return_val_if_fail (remote != NULL, FALSE);
+  g_return_val_if_fail (remote->name != NULL, FALSE);
 
   g_mutex_lock (&self->remotes_lock);
 
-  g_hash_table_replace (self->remotes, remote->name, ostree_remote_ref (remote));
+  already_existed = g_hash_table_replace (self->remotes, remote->name, ostree_remote_ref (remote));
 
   g_mutex_unlock (&self->remotes_lock);
+
+  return already_existed;
 }
 
-static gboolean
-ost_repo_remove_remote (OstreeRepo   *self,
-                        OstreeRemote *remote)
+gboolean
+_ostree_repo_remove_remote (OstreeRepo   *self,
+                            OstreeRemote *remote)
 {
   gboolean removed;
 
@@ -706,6 +710,12 @@ ostree_repo_is_system (OstreeRepo   *repo)
 
   g_return_val_if_fail (OSTREE_IS_REPO (repo), FALSE);
 
+  /* If we were created via ostree_sysroot_get_repo(), we know the answer is yes
+   * without having to compare file paths.
+   */
+  if (repo->is_system)
+    return TRUE;
+
   default_repo_path = get_default_repo_path (repo->sysroot_dir);
 
   return g_file_equal (repo->repodir, default_repo_path);
@@ -882,10 +892,7 @@ impl_repo_remote_add (OstreeRepo     *self,
                          name, remote->file ? gs_file_get_path_cached (remote->file) : "(in config)");
     }
 
-  remote = ostree_remote_new ();
-  remote->name = g_strdup (name);
-  remote->group = g_strdup_printf ("remote \"%s\"", name);
-  remote->keyring = g_strdup_printf ("%s.trustedkeys.gpg", name);
+  remote = ostree_remote_new (name);
 
   /* The OstreeRepo maintains its own internal system root path,
    * so we need to not only check if a "sysroot" argument was given
@@ -1039,7 +1046,7 @@ impl_repo_remote_delete (OstreeRepo     *self,
   if (!ot_ensure_unlinked_at (self->repo_dir_fd, remote->keyring, error))
     return FALSE;
 
-  ost_repo_remove_remote (self, remote);
+  _ostree_repo_remove_remote (self, remote);
 
   return TRUE;
 }
@@ -1322,7 +1329,6 @@ ostree_repo_remote_gpg_import (OstreeRepo         *self,
   struct stat stbuf;
   gpgme_error_t gpg_error;
   gboolean ret = FALSE;
-  const GLnxFileCopyFlags copyflags = self->disable_xattrs ? GLNX_FILE_COPY_NOXATTRS : 0;
 
   g_return_val_if_fail (OSTREE_IS_REPO (self), FALSE);
   g_return_val_if_fail (name != NULL, FALSE);
@@ -1446,7 +1452,7 @@ ostree_repo_remote_gpg_import (OstreeRepo         *self,
     {
       if (!glnx_file_copy_at (self->repo_dir_fd, remote->keyring,
                               &stbuf, target_temp_fd, "pubring.gpg",
-                              copyflags, cancellable, error))
+                              GLNX_FILE_COPY_NOXATTRS, cancellable, error))
         {
           g_prefix_error (error, "Unable to copy remote's keyring: ");
           goto out;
@@ -1530,7 +1536,7 @@ ostree_repo_remote_gpg_import (OstreeRepo         *self,
    * updated keyring in the target context's temporary directory. */
   if (!glnx_file_copy_at (target_temp_fd, "pubring.gpg", NULL,
                           self->repo_dir_fd, remote->keyring,
-                          copyflags | GLNX_FILE_COPY_OVERWRITE,
+                          GLNX_FILE_COPY_NOXATTRS | GLNX_FILE_COPY_OVERWRITE,
                           cancellable, error))
     goto out;
 
@@ -2086,6 +2092,7 @@ ostree_repo_open (OstreeRepo    *self,
 
   if (fstat (self->objects_dir_fd, &stbuf) != 0)
     return glnx_throw_errno (error);
+  self->owner_uid = stbuf.st_uid;
 
   if (stbuf.st_uid != getuid () || stbuf.st_gid != getgid ())
     {
@@ -2495,19 +2502,33 @@ load_metadata_internal (OstreeRepo       *self,
   return TRUE;
 }
 
+/* Basically fstatat(), but also looks in both the committed and staging
+ * directories, and returns *out_dfd for where we found the object.
+ */
 static gboolean
-query_info_for_bare_content_object (OstreeRepo      *self,
-                                    const char      *loose_path_buf,
-                                    GFileInfo      **out_info,
-                                    GCancellable    *cancellable,
-                                    GError         **error)
+stat_bare_content_object (OstreeRepo      *self,
+                          const char      *loose_path_buf,
+                          int             *out_dfd,
+                          GFileInfo      **out_info,
+                          GCancellable    *cancellable,
+                          GError         **error)
 {
   struct stat stbuf;
+  int res;
+  int dirfd;
 
-  if (TEMP_FAILURE_RETRY (fstatat (self->objects_dir_fd, loose_path_buf, &stbuf, AT_SYMLINK_NOFOLLOW)) < 0)
+  dirfd = self->objects_dir_fd;
+  res = TEMP_FAILURE_RETRY (fstatat (dirfd, loose_path_buf, &stbuf, AT_SYMLINK_NOFOLLOW));
+  if (res < 0 && errno == ENOENT && self->commit_stagedir_fd != -1)
+    {
+      dirfd = self->commit_stagedir_fd;
+      res = TEMP_FAILURE_RETRY (fstatat (dirfd, loose_path_buf, &stbuf, AT_SYMLINK_NOFOLLOW));
+    }
+  if (res < 0)
     {
       if (errno == ENOENT)
         {
+          *out_dfd = -1;
           *out_info = NULL;
           return TRUE;
         }
@@ -2522,13 +2543,14 @@ query_info_for_bare_content_object (OstreeRepo      *self,
     }
   else if (S_ISLNK (stbuf.st_mode))
     {
-      if (!ot_readlinkat_gfile_info (self->objects_dir_fd, loose_path_buf,
+      if (!ot_readlinkat_gfile_info (dirfd, loose_path_buf,
                                      ret_info, cancellable, error))
         return FALSE;
     }
   else
     return glnx_throw (error, "Not a regular file or symlink: %s", loose_path_buf);
 
+  *out_dfd = dirfd;
   ot_transfer_out_value (out_info, &ret_info);
   return TRUE;
 }
@@ -2569,6 +2591,12 @@ _ostree_repo_read_bare_fd (OstreeRepo           *self,
   if (!ot_openat_ignore_enoent (self->objects_dir_fd, loose_path_buf, out_fd, error))
     return FALSE;
 
+  if (*out_fd == -1 && self->commit_stagedir_fd != -1)
+    {
+      if (!ot_openat_ignore_enoent (self->commit_stagedir_fd, loose_path_buf, out_fd, error))
+        return FALSE;
+    }
+
   if (*out_fd == -1)
     {
       if (self->parent_repo)
@@ -2590,9 +2618,9 @@ _ostree_repo_read_bare_fd (OstreeRepo           *self,
  * ostree_repo_load_file:
  * @self: Repo
  * @checksum: ASCII SHA256 checksum
- * @out_input: (out) (allow-none): File content
- * @out_file_info: (out) (allow-none): File information
- * @out_xattrs: (out) (allow-none): Extended attributes
+ * @out_input: (out) (optional) (nullable): File content
+ * @out_file_info: (out) (optional) (nullable): File information
+ * @out_xattrs: (out) (optional) (nullable): Extended attributes
  * @cancellable: Cancellable
  * @error: Error
  *
@@ -2655,9 +2683,11 @@ ostree_repo_load_file (OstreeRepo         *self,
     }
   else
     {
-      if (!query_info_for_bare_content_object (self, loose_path_buf,
-                                               &ret_file_info,
-                                               cancellable, error))
+      int objdir_fd; /* referenced */
+      if (!stat_bare_content_object (self, loose_path_buf,
+                                     &objdir_fd,
+                                     &ret_file_info,
+                                     cancellable, error))
         return FALSE;
 
       if (ret_file_info)
@@ -2675,7 +2705,7 @@ ostree_repo_load_file (OstreeRepo         *self,
                * always do an open, then query the user.ostreemeta xattr for
                * more information.
                */
-              fd = openat (self->objects_dir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
+              fd = openat (objdir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
               if (fd < 0)
                 return glnx_throw_errno (error);
 
@@ -2729,7 +2759,7 @@ ostree_repo_load_file (OstreeRepo         *self,
               if (g_file_info_get_file_type (ret_file_info) == G_FILE_TYPE_REGULAR &&
                   out_input)
                 {
-                  fd = openat (self->objects_dir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
+                  fd = openat (objdir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
                   if (fd < 0)
                     return glnx_throw_errno (error);
 
@@ -2753,7 +2783,7 @@ ostree_repo_load_file (OstreeRepo         *self,
                 {
                   glnx_fd_close int fd = -1;
 
-                  fd = openat (self->objects_dir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
+                  fd = openat (objdir_fd, loose_path_buf, O_RDONLY | O_CLOEXEC);
                   if (fd < 0)
                     return glnx_throw_errno (error);
 
@@ -2777,7 +2807,7 @@ ostree_repo_load_file (OstreeRepo         *self,
                 {
                   if (self->disable_xattrs)
                     ret_xattrs = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("(ayay)"), NULL, 0));
-                  else if (!glnx_dfd_name_get_all_xattrs (self->objects_dir_fd, loose_path_buf,
+                  else if (!glnx_dfd_name_get_all_xattrs (objdir_fd, loose_path_buf,
                                                           &ret_xattrs,
                                                           cancellable, error))
                     return FALSE;
@@ -3043,75 +3073,18 @@ copy_detached_metadata (OstreeRepo    *self,
   return TRUE;
 }
 
+/* Special case between bare-user and bare-user-only,
+ * mostly for https://github.com/flatpak/flatpak/issues/845
+ * see below for any more comments.
+ */
 static gboolean
-import_one_object_copy (OstreeRepo    *self,
-                        OstreeRepo    *source,
-                        const char   *checksum,
-                        OstreeObjectType objtype,
-                        gboolean      trusted,
-                        GCancellable  *cancellable,
-                        GError        **error)
+import_is_bareuser_only_conversion (OstreeRepo *src_repo,
+                                    OstreeRepo *dest_repo,
+                                    OstreeObjectType objtype)
 {
-  guint64 length;
-  g_autoptr(GInputStream) object_stream = NULL;
-
-  if (!ostree_repo_load_object_stream (source, objtype, checksum,
-                                       &object_stream, &length,
-                                       cancellable, error))
-    return FALSE;
-
-  if (objtype == OSTREE_OBJECT_TYPE_FILE)
-    {
-      if (trusted)
-        {
-          if (!ostree_repo_write_content_trusted (self, checksum,
-                                                  object_stream, length,
-                                                  cancellable, error))
-            return FALSE;
-        }
-      else
-        {
-          g_autofree guchar *real_csum = NULL;
-          if (!ostree_repo_write_content (self, checksum,
-                                          object_stream, length,
-                                          &real_csum,
-                                          cancellable, error))
-            return FALSE;
-        }
-    }
-  else
-    {
-      if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
-        {
-          if (!copy_detached_metadata (self, source, checksum, cancellable, error))
-            return FALSE;
-        }
-
-      if (trusted)
-        {
-          if (!ostree_repo_write_metadata_stream_trusted (self, objtype,
-                                                          checksum, object_stream, length,
-                                                          cancellable, error))
-            return FALSE;
-        }
-      else
-        {
-          g_autofree guchar *real_csum = NULL;
-          g_autoptr(GVariant) variant = NULL;
-
-          if (!ostree_repo_load_variant (source, objtype, checksum,
-                                         &variant, error))
-            return FALSE;
-
-          if (!ostree_repo_write_metadata (self, objtype,
-                                           checksum, variant,
-                                           &real_csum,
-                                           cancellable, error))
-            return FALSE;
-        }
-    }
-
-  return TRUE;
+  return src_repo->mode == OSTREE_REPO_MODE_BARE_USER
+    && dest_repo->mode == OSTREE_REPO_MODE_BARE_USER_ONLY
+    && objtype == OSTREE_OBJECT_TYPE_FILE;
 }
 
 static gboolean
@@ -3126,6 +3099,33 @@ import_one_object_link (OstreeRepo    *self,
   char loose_path_buf[_OSTREE_LOOSE_PATH_MAX];
   _ostree_loose_path (loose_path_buf, checksum, objtype, self->mode);
 
+  /* Hardlinking between bare-user → bare-user-only is only possible for regular
+   * files, *not* symlinks, which in bare-user are stored as regular files.  At
+   * this point we need to parse the file to see the difference.
+   */
+  if (import_is_bareuser_only_conversion (source, self, objtype))
+    {
+      g_autoptr(GFileInfo) finfo = NULL;
+
+      if (!ostree_repo_load_file (source, checksum, NULL, &finfo, NULL,
+                                  cancellable, error))
+        return FALSE;
+
+      switch (g_file_info_get_file_type (finfo))
+        {
+        case G_FILE_TYPE_REGULAR:
+          /* This is OK, we'll drop through and try a hardlink */
+          break;
+        case G_FILE_TYPE_SYMBOLIC_LINK:
+          /* NOTE early return */
+          *out_was_supported = FALSE;
+          return TRUE;
+        default:
+          g_assert_not_reached ();
+          break;
+        }
+    }
+
   if (!_ostree_repo_ensure_loose_objdir_at (self->objects_dir_fd, loose_path_buf, cancellable, error))
     return FALSE;
 
@@ -3184,6 +3184,28 @@ ostree_repo_import_object_from (OstreeRepo           *self,
                                                checksum, TRUE, cancellable, error);
 }
 
+static gboolean
+import_via_hardlink_is_possible (OstreeRepo *src_repo,
+                                 OstreeRepo *dest_repo,
+                                 OstreeObjectType objtype)
+{
+  /* We need the ability to make hardlinks */
+  if (src_repo->owner_uid != dest_repo->owner_uid)
+    return FALSE;
+  /* Equal modes are always compatible */
+  if (src_repo->mode == dest_repo->mode)
+    return TRUE;
+  /* Metadata is identical between all modes */
+  if (OSTREE_OBJECT_TYPE_IS_META (objtype))
+    return TRUE;
+  /* And now a special case between bare-user and bare-user-only,
+   * mostly for https://github.com/flatpak/flatpak/issues/845
+   */
+  if (import_is_bareuser_only_conversion (src_repo, dest_repo, objtype))
+    return TRUE;
+  return FALSE;
+}
+
 /**
  * ostree_repo_import_object_from_with_trust:
  * @self: Destination repo
@@ -3210,29 +3232,95 @@ ostree_repo_import_object_from_with_trust (OstreeRepo           *self,
                                            GCancellable         *cancellable,
                                            GError              **error)
 {
-  gboolean hardlink_was_supported = FALSE;
-
-  if (trusted && /* Don't hardlink into untrusted remotes */
-      self->mode == source->mode)
+  /* We try to import via hardlink. If the remote is explicitly not trusted
+   * (i.e.) their checksums may be incorrect, we skip that. Also, we require the
+   * repository modes to match, as well as the owner uid (since we need to be
+   * able to make hardlinks).
+   */
+  if (trusted && import_via_hardlink_is_possible (source, self, objtype))
     {
+      gboolean hardlink_was_supported = FALSE;
+
       if (!import_one_object_link (self, source, checksum, objtype,
                                    &hardlink_was_supported,
                                    cancellable, error))
         return FALSE;
+
+      /* If we hardlinked, we're done! */
+      if (hardlink_was_supported)
+        return TRUE;
     }
 
-  if (!hardlink_was_supported)
-    {
-      gboolean has_object;
+  /* The copy path */
 
-      if (!ostree_repo_has_object (self, objtype, checksum, &has_object,
-                                   cancellable, error))
+  /* First, do we have the object already? */
+  gboolean has_object;
+  if (!ostree_repo_has_object (self, objtype, checksum, &has_object,
+                               cancellable, error))
+    return FALSE;
+  /* If we have it, we're done */
+  if (has_object)
+    return TRUE;
+
+  if (OSTREE_OBJECT_TYPE_IS_META (objtype))
+    {
+      /* Metadata object */
+      g_autoptr(GVariant) variant = NULL;
+
+      if (objtype == OSTREE_OBJECT_TYPE_COMMIT)
+        {
+          /* FIXME - cleanup detached metadata if copy below fails */
+          if (!copy_detached_metadata (self, source, checksum, cancellable, error))
+            return FALSE;
+        }
+
+      if (!ostree_repo_load_variant (source, objtype, checksum,
+                                     &variant, error))
         return FALSE;
 
-      if (!has_object)
+      if (trusted)
         {
-          if (!import_one_object_copy (self, source, checksum, objtype, trusted,
-                                       cancellable, error))
+          if (!ostree_repo_write_metadata_trusted (self, objtype,
+                                                   checksum, variant,
+                                                   cancellable, error))
+            return FALSE;
+        }
+      else
+        {
+          g_autofree guchar *real_csum = NULL;
+
+          if (!ostree_repo_write_metadata (self, objtype,
+                                           checksum, variant,
+                                           &real_csum,
+                                           cancellable, error))
+            return FALSE;
+        }
+    }
+  else
+    {
+      /* Content object */
+      guint64 length;
+      g_autoptr(GInputStream) object_stream = NULL;
+
+      if (!ostree_repo_load_object_stream (source, objtype, checksum,
+                                           &object_stream, &length,
+                                           cancellable, error))
+        return FALSE;
+
+      if (trusted)
+        {
+          if (!ostree_repo_write_content_trusted (self, checksum,
+                                                  object_stream, length,
+                                                  cancellable, error))
+            return FALSE;
+        }
+      else
+        {
+          g_autofree guchar *real_csum = NULL;
+          if (!ostree_repo_write_content (self, checksum,
+                                          object_stream, length,
+                                          &real_csum,
+                                          cancellable, error))
             return FALSE;
         }
     }
@@ -3263,9 +3351,14 @@ ostree_repo_query_object_storage_size (OstreeRepo           *self,
 {
   char loose_path[_OSTREE_LOOSE_PATH_MAX];
   _ostree_loose_path (loose_path, sha256, objtype, self->mode);
+  int res;
 
   struct stat stbuf;
-  if (TEMP_FAILURE_RETRY (fstatat (self->objects_dir_fd, loose_path, &stbuf, AT_SYMLINK_NOFOLLOW)) < 0)
+  res = TEMP_FAILURE_RETRY (fstatat (self->objects_dir_fd, loose_path, &stbuf, AT_SYMLINK_NOFOLLOW));
+  if (res < 0 && errno == ENOENT && self->commit_stagedir_fd != -1)
+    res = TEMP_FAILURE_RETRY (fstatat (self->commit_stagedir_fd, loose_path, &stbuf, AT_SYMLINK_NOFOLLOW));
+
+  if (res < 0)
     return glnx_throw_errno_prefix (error, "Querying object %s.%s", sha256, ostree_object_type_to_string (objtype));
 
   *out_size = stbuf.st_size;
@@ -4470,54 +4563,55 @@ ostree_repo_regenerate_summary (OstreeRepo     *self,
                                 GCancellable   *cancellable,
                                 GError        **error)
 {
-  g_autoptr(GHashTable) refs = NULL;
-  if (!ostree_repo_list_refs (self, NULL, &refs, cancellable, error))
-    return FALSE;
-
   g_auto(GVariantDict) additional_metadata_builder = OT_VARIANT_BUILDER_INITIALIZER;
   g_variant_dict_init (&additional_metadata_builder, additional_metadata);
   g_autoptr(GVariantBuilder) refs_builder = g_variant_builder_new (G_VARIANT_TYPE ("a(s(taya{sv}))"));
 
-  g_autoptr(GList) ordered_keys = g_hash_table_get_keys (refs);
-  ordered_keys = g_list_sort (ordered_keys, (GCompareFunc)strcmp);
+  {
+    g_autoptr(GHashTable) refs = NULL;
+    if (!ostree_repo_list_refs (self, NULL, &refs, cancellable, error))
+      return FALSE;
 
-  for (GList *iter = ordered_keys; iter; iter = iter->next)
-    {
-      const char *ref = iter->data;
-      const char *commit = g_hash_table_lookup (refs, ref);
-      g_auto(GVariantDict) commit_metadata_builder = OT_VARIANT_BUILDER_INITIALIZER;
+    g_autoptr(GList) ordered_keys = g_hash_table_get_keys (refs);
+    ordered_keys = g_list_sort (ordered_keys, (GCompareFunc)strcmp);
 
-      g_assert (commit);
+    for (GList *iter = ordered_keys; iter; iter = iter->next)
+      {
+        const char *ref = iter->data;
+        const char *commit = g_hash_table_lookup (refs, ref);
+        g_auto(GVariantDict) commit_metadata_builder = OT_VARIANT_BUILDER_INITIALIZER;
 
-      g_autofree char *remotename = NULL;
-      if (!ostree_parse_refspec (ref, &remotename, NULL, NULL))
-        g_assert_not_reached ();
+        g_assert (commit);
 
-      /* Don't put remote refs in the summary */
-      if (remotename != NULL)
-        continue;
+        g_autofree char *remotename = NULL;
+        if (!ostree_parse_refspec (ref, &remotename, NULL, NULL))
+          g_assert_not_reached ();
 
-      g_autoptr(GVariant) commit_obj = NULL;
-      if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, commit, &commit_obj, error))
-        return FALSE;
+        /* Don't put remote refs in the summary */
+        if (remotename != NULL)
+          continue;
 
-      g_variant_dict_init (&commit_metadata_builder, NULL);
+        g_autoptr(GVariant) commit_obj = NULL;
+        if (!ostree_repo_load_variant (self, OSTREE_OBJECT_TYPE_COMMIT, commit, &commit_obj, error))
+          return FALSE;
 
-      /* Forward the commit’s timestamp if it’s valid. */
-      guint64 commit_timestamp = ostree_commit_get_timestamp (commit_obj);
-      g_autoptr(GDateTime) dt = g_date_time_new_from_unix_utc (commit_timestamp);
+        g_variant_dict_init (&commit_metadata_builder, NULL);
 
-      if (dt != NULL)
-        g_variant_dict_insert_value (&commit_metadata_builder, OSTREE_COMMIT_TIMESTAMP,
-                                     g_variant_new_uint64 (GUINT64_TO_BE (commit_timestamp)));
+        /* Forward the commit’s timestamp if it’s valid. */
+        guint64 commit_timestamp = ostree_commit_get_timestamp (commit_obj);
+        g_autoptr(GDateTime) dt = g_date_time_new_from_unix_utc (commit_timestamp);
 
-      g_variant_builder_add_value (refs_builder,
-                                   g_variant_new ("(s(t@ay@a{sv}))", ref,
-                                                  (guint64) g_variant_get_size (commit_obj),
-                                                  ostree_checksum_to_bytes_v (commit),
-                                                  g_variant_dict_end (&commit_metadata_builder)));
-    }
+        if (dt != NULL)
+          g_variant_dict_insert_value (&commit_metadata_builder, OSTREE_COMMIT_TIMESTAMP,
+                                       g_variant_new_uint64 (GUINT64_TO_BE (commit_timestamp)));
 
+        g_variant_builder_add_value (refs_builder,
+                                     g_variant_new ("(s(t@ay@a{sv}))", ref,
+                                                    (guint64) g_variant_get_size (commit_obj),
+                                                    ostree_checksum_to_bytes_v (commit),
+                                                    g_variant_dict_end (&commit_metadata_builder)));
+      }
+  }
 
   {
     g_autoptr(GPtrArray) delta_names = NULL;
@@ -4542,7 +4636,6 @@ ostree_repo_regenerate_summary (OstreeRepo     *self,
         g_autoptr(GInputStream) in_stream = g_unix_input_stream_new (superblock_file_fd, FALSE);
         if (!in_stream)
           return FALSE;
-        superblock_file_fd = -1; /* Transfer ownership */
 
         g_autofree guchar *csum = NULL;
         if (!ot_gio_checksum_stream (in_stream,
@@ -4554,7 +4647,8 @@ ostree_repo_regenerate_summary (OstreeRepo     *self,
         g_variant_dict_insert_value (&deltas_builder, delta_names->pdata[i], ot_gvariant_new_bytearray (csum, 32));
       }
 
-    g_variant_dict_insert_value (&additional_metadata_builder, OSTREE_SUMMARY_STATIC_DELTAS, g_variant_dict_end (&deltas_builder));
+    if (delta_names->len > 0)
+      g_variant_dict_insert_value (&additional_metadata_builder, OSTREE_SUMMARY_STATIC_DELTAS, g_variant_dict_end (&deltas_builder));
   }
 
   {
diff --git a/src/libostree/ostree-repo.h b/src/libostree/ostree-repo.h
index 86bed09c..ed73d4a2 100644
--- a/src/libostree/ostree-repo.h
+++ b/src/libostree/ostree-repo.h
@@ -768,7 +768,8 @@ typedef struct {
   gboolean process_whiteouts;
   gboolean no_copy_fallback;
   gboolean force_copy; /* Since: 2017.6 */
-  gboolean unused_bools[6];
+  gboolean bareuseronly_dirs; /* Since: 2017.7 */
+  gboolean unused_bools[5];
 
   const char *subpath;
 
@@ -1015,12 +1016,14 @@ gboolean ostree_repo_prune_from_reachable (OstreeRepo             *self,
  * @OSTREE_REPO_PULL_FLAGS_MIRROR: Write out refs suitable for mirrors
  * @OSTREE_REPO_PULL_FLAGS_COMMIT_ONLY: Fetch only the commit metadata
  * @OSTREE_REPO_PULL_FLAGS_UNTRUSTED: Don't trust local remote
+ * @OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES: Since 2017.7.  Reject writes of content objects with modes outside of 0775.
  */
 typedef enum {
   OSTREE_REPO_PULL_FLAGS_NONE,
   OSTREE_REPO_PULL_FLAGS_MIRROR = (1 << 0),
   OSTREE_REPO_PULL_FLAGS_COMMIT_ONLY = (1 << 1),
-  OSTREE_REPO_PULL_FLAGS_UNTRUSTED = (1 << 2)
+  OSTREE_REPO_PULL_FLAGS_UNTRUSTED = (1 << 2),
+  OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES = (1 << 3)
 } OstreeRepoPullFlags;
 
 _OSTREE_PUBLIC
diff --git a/src/libostree/ostree-sysroot-cleanup.c b/src/libostree/ostree-sysroot-cleanup.c
index 499f20eb..79663b66 100644
--- a/src/libostree/ostree-sysroot-cleanup.c
+++ b/src/libostree/ostree-sysroot-cleanup.c
@@ -501,31 +501,27 @@ _ostree_sysroot_cleanup_internal (OstreeSysroot              *self,
                                   GCancellable               *cancellable,
                                   GError                    **error)
 {
-  glnx_unref_object OstreeRepo *repo = NULL;
-
   g_return_val_if_fail (OSTREE_IS_SYSROOT (self), FALSE);
   g_return_val_if_fail (self->loaded, FALSE);
 
   if (!cleanup_other_bootversions (self, cancellable, error))
-    return FALSE;
+    return glnx_prefix_error (error, "Cleaning bootversions");
 
   if (!cleanup_old_deployments (self, cancellable, error))
-    return FALSE;
-
-  if (!ostree_sysroot_get_repo (self, &repo, cancellable, error))
-    return FALSE;
+    return glnx_prefix_error (error, "Cleaning deployments");
 
+  OstreeRepo *repo = ostree_sysroot_repo (self);
   if (!generate_deployment_refs (self, repo,
                                  self->bootversion,
                                  self->subbootversion,
                                  self->deployments,
                                  cancellable, error))
-    return FALSE;
+    return glnx_prefix_error (error, "Generating deployment refs");
 
   if (do_prune_repo)
     {
       if (!prune_repo (repo, cancellable, error))
-        return FALSE;
+        return glnx_prefix_error (error, "Pruning repo");
     }
 
   return TRUE;
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index 257a058b..ed4831c1 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -423,11 +423,18 @@ copy_modified_config_file (int                 orig_etc_fd,
   return ret;
 }
 
-/**
- * merge_etc_changes:
+/*
+ * merge_configuration_from:
+ * @sysroot: Sysroot
+ * @merge_deployment: Source of configuration differences
+ * @merge_deployment_dfd: Directory fd, may be -1
+ * @new_deployment: Target for merge of configuration
+ * @new_deployment_dfd: Directory fd for @new_deployment (may *not* be -1)
+ * @cancellable: Cancellable
+ * @error: Error
  *
- * Compute the difference between @orig_etc and @modified_etc,
- * and apply that to @new_etc.
+ * Compute the difference between @merge_deployment's `/usr/etc` and `/etc`, and
+ * apply that to @new_deployment's `/etc`.
  *
  * The algorithm for computing the difference is pretty simple; it's
  * approximately equivalent to "diff -unR orig_etc modified_etc",
@@ -435,26 +442,37 @@ copy_modified_config_file (int                 orig_etc_fd,
  * changed in @new_etc, the modified version always wins.
  */
 static gboolean
-merge_etc_changes (GFile          *orig_etc,
-                   GFile          *modified_etc,
-                   GFile          *new_etc,
-                   OstreeSysrootDebugFlags flags,
-                   GCancellable   *cancellable,
-                   GError        **error)
+merge_configuration_from (OstreeSysroot    *sysroot,
+                          OstreeDeployment *merge_deployment,
+                          int               merge_deployment_dfd,
+                          OstreeDeployment *new_deployment,
+                          int               new_deployment_dfd,
+                          GCancellable     *cancellable,
+                          GError          **error)
 {
-  gboolean ret = FALSE;
-  g_autoptr(GPtrArray) modified = NULL;
-  g_autoptr(GPtrArray) removed = NULL;
-  g_autoptr(GPtrArray) added = NULL;
-  guint i;
-  glnx_fd_close int orig_etc_fd = -1;
-  glnx_fd_close int modified_etc_fd = -1;
-  glnx_fd_close int new_etc_fd = -1; 
+  glnx_fd_close int owned_merge_deployment_dfd = -1;
+  const OstreeSysrootDebugFlags flags = sysroot->debug_flags;
 
-  modified = g_ptr_array_new_with_free_func ((GDestroyNotify) ostree_diff_item_unref);
-  removed = g_ptr_array_new_with_free_func ((GDestroyNotify) g_object_unref);
-  added = g_ptr_array_new_with_free_func ((GDestroyNotify) g_object_unref);
+  g_assert (merge_deployment != NULL && new_deployment != NULL);
+  g_assert (new_deployment_dfd != -1);
 
+  /* Allow the caller to pass -1 for the merge, for convenience */
+  if (merge_deployment_dfd == -1)
+    {
+      g_autofree char *merge_deployment_path = ostree_sysroot_get_deployment_dirpath (sysroot, merge_deployment);
+      if (!glnx_opendirat (sysroot->sysroot_fd, merge_deployment_path, FALSE,
+                           &owned_merge_deployment_dfd, error))
+        return FALSE;
+      merge_deployment_dfd = owned_merge_deployment_dfd;
+    }
+
+  /* TODO: get rid of GFile usage here */
+  g_autoptr(GFile) orig_etc = ot_fdrel_to_gfile (merge_deployment_dfd, "usr/etc");
+  g_autoptr(GFile) modified_etc = ot_fdrel_to_gfile (merge_deployment_dfd, "etc");
+  /* Return values for below */
+  g_autoptr(GPtrArray) modified = g_ptr_array_new_with_free_func ((GDestroyNotify) ostree_diff_item_unref);
+  g_autoptr(GPtrArray) removed = g_ptr_array_new_with_free_func ((GDestroyNotify) g_object_unref);
+  g_autoptr(GPtrArray) added = g_ptr_array_new_with_free_func ((GDestroyNotify) g_object_unref);
   /* For now, ignore changes to xattrs; the problem is that
    * security.selinux will be different between the /usr/etc labels
    * and the ones in the real /etc, so they all show up as different.
@@ -466,42 +484,37 @@ merge_etc_changes (GFile          *orig_etc,
   if (!ostree_diff_dirs (OSTREE_DIFF_FLAGS_IGNORE_XATTRS,
                          orig_etc, modified_etc, modified, removed, added,
                          cancellable, error))
-    {
-      g_prefix_error (error, "While computing configuration diff: ");
-      goto out;
-    }
+    return glnx_prefix_error (error, "While computing configuration diff");
 
   ot_log_structured_print_id_v (OSTREE_CONFIGMERGE_ID,
-                                "Copying /etc changes: %u modified, %u removed, %u added", 
+                                "Copying /etc changes: %u modified, %u removed, %u added",
                                 modified->len,
                                 removed->len,
                                 added->len);
 
-  if (!glnx_opendirat (AT_FDCWD, gs_file_get_path_cached (orig_etc), TRUE,
-                       &orig_etc_fd, error))
-    goto out;
-  if (!glnx_opendirat (AT_FDCWD, gs_file_get_path_cached (modified_etc), TRUE,
-                       &modified_etc_fd, error))
-    goto out;
-  if (!glnx_opendirat (AT_FDCWD, gs_file_get_path_cached (new_etc), TRUE,
-                       &new_etc_fd, error))
-    goto out;
+  glnx_fd_close int orig_etc_fd = -1;
+  if (!glnx_opendirat (merge_deployment_dfd, "usr/etc", TRUE, &orig_etc_fd, error))
+    return FALSE;
+  glnx_fd_close int modified_etc_fd = -1;
+  if (!glnx_opendirat (merge_deployment_dfd, "etc", TRUE, &modified_etc_fd, error))
+    return FALSE;
+  glnx_fd_close int new_etc_fd = -1;
+  if (!glnx_opendirat (new_deployment_dfd, "etc", TRUE, &new_etc_fd, error))
+    return FALSE;
 
-  for (i = 0; i < removed->len; i++)
+  for (guint i = 0; i < removed->len; i++)
     {
       GFile *file = removed->pdata[i];
-      g_autoptr(GFile) target_file = NULL;
       g_autofree char *path = NULL;
 
       path = g_file_get_relative_path (orig_etc, file);
       g_assert (path);
-      target_file = g_file_resolve_relative_path (new_etc, path);
 
-      if (!glnx_shutil_rm_rf_at (AT_FDCWD, gs_file_get_path_cached (target_file), cancellable, error))
-        goto out;
+      if (!glnx_shutil_rm_rf_at (new_etc_fd, path, cancellable, error))
+        return FALSE;
     }
 
-  for (i = 0; i < modified->len; i++)
+  for (guint i = 0; i < modified->len; i++)
     {
       OstreeDiffItem *diff = modified->pdata[i];
       g_autofree char *path = g_file_get_relative_path (modified_etc, diff->target);
@@ -510,9 +523,9 @@ merge_etc_changes (GFile          *orig_etc,
 
       if (!copy_modified_config_file (orig_etc_fd, modified_etc_fd, new_etc_fd, path,
                                       flags, cancellable, error))
-        goto out;
+        return FALSE;
     }
-  for (i = 0; i < added->len; i++)
+  for (guint i = 0; i < added->len; i++)
     {
       GFile *file = added->pdata[i];
       g_autofree char *path = g_file_get_relative_path (modified_etc, file);
@@ -521,12 +534,10 @@ merge_etc_changes (GFile          *orig_etc,
 
       if (!copy_modified_config_file (orig_etc_fd, modified_etc_fd, new_etc_fd, path,
                                       flags, cancellable, error))
-        goto out;
+        return FALSE;
     }
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 /**
@@ -775,16 +786,7 @@ merge_configuration (OstreeSysroot         *sysroot,
                      GCancellable          *cancellable,
                      GError               **error)
 {
-  gboolean ret = FALSE;
-  g_autofree char *deployment_abspath = glnx_fdrel_abspath (deployment_dfd, ".");
-  g_autoptr(GFile) deployment_path = g_file_new_for_path (deployment_abspath);
-  g_autoptr(GFile) source_etc_path = NULL;
-  g_autoptr(GFile) source_etc_pristine_path = NULL;
-  g_autoptr(GFile) deployment_usretc_path = NULL;
-  g_autoptr(GFile) deployment_etc_path = NULL;
   glnx_unref_object OstreeSePolicy *sepolicy = NULL;
-  gboolean etc_exists;
-  gboolean usretc_exists;
 
   if (previous_deployment)
     {
@@ -792,8 +794,6 @@ merge_configuration (OstreeSysroot         *sysroot,
       OstreeBootconfigParser *previous_bootconfig;
 
       previous_path = ostree_sysroot_get_deployment_directory (sysroot, previous_deployment);
-      source_etc_path = g_file_resolve_relative_path (previous_path, "etc");
-      source_etc_pristine_path = g_file_resolve_relative_path (previous_path, "usr/etc");
 
       previous_bootconfig = ostree_deployment_get_bootconfig (previous_deployment);
       if (previous_bootconfig)
@@ -807,26 +807,20 @@ merge_configuration (OstreeSysroot         *sysroot,
         }
     }
 
-  deployment_etc_path = g_file_get_child (deployment_path, "etc");
-  deployment_usretc_path = g_file_resolve_relative_path (deployment_path, "usr/etc");
-  
-  etc_exists = g_file_query_exists (deployment_etc_path, NULL);
-  usretc_exists = g_file_query_exists (deployment_usretc_path, NULL);
+  gboolean etc_exists = FALSE;
+  if (!ot_query_exists_at (deployment_dfd, "etc", &etc_exists, error))
+    return FALSE;
+  gboolean usretc_exists = FALSE;
+  if (!ot_query_exists_at (deployment_dfd, "usr/etc", &usretc_exists, error))
+    return FALSE;
 
   if (etc_exists && usretc_exists)
-    {
-      g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
-                           "Tree contains both /etc and /usr/etc");
-      goto out;
-    }
+    return glnx_throw (error, "Tree contains both /etc and /usr/etc");
   else if (etc_exists)
     {
       /* Compatibility hack */
       if (renameat (deployment_dfd, "etc", deployment_dfd, "usr/etc") < 0)
-        {
-          glnx_set_error_from_errno (error);
-          goto out;
-        }
+        return glnx_throw_errno_prefix (error, "renameat");
       usretc_exists = TRUE;
       etc_exists = FALSE;
     }
@@ -843,9 +837,9 @@ merge_configuration (OstreeSysroot         *sysroot,
       /* Here, we initialize SELinux policy from the /usr/etc inside
        * the root - this is before we've finalized the configuration
        * merge into /etc. */
-      sepolicy = ostree_sepolicy_new (deployment_path, cancellable, error);
+      sepolicy = ostree_sepolicy_new_at (deployment_dfd, cancellable, error);
       if (!sepolicy)
-        goto out;
+        return FALSE;
       if (ostree_sepolicy_get_name (sepolicy) != NULL)
         etc_co_opts.sepolicy = sepolicy;
 
@@ -854,21 +848,21 @@ merge_configuration (OstreeSysroot         *sysroot,
                                     deployment_dfd, "etc",
                                     ostree_deployment_get_csum (deployment),
                                     cancellable, error))
-        goto out;
+        return FALSE;
+
     }
 
-  if (source_etc_path)
+  if (previous_deployment)
     {
-      if (!merge_etc_changes (source_etc_pristine_path, source_etc_path, deployment_etc_path,
-                              sysroot->debug_flags, cancellable, error))
-        goto out;
+      if (!merge_configuration_from (sysroot, previous_deployment, -1,
+                                     deployment, deployment_dfd,
+                                     cancellable, error))
+        return FALSE;
     }
 
-  ret = TRUE;
   if (out_sepolicy)
     *out_sepolicy = g_steal_pointer (&sepolicy);
- out:
-  return ret;
+  return TRUE;
 }
 
 static gboolean
@@ -1034,9 +1028,9 @@ checksum_from_kernel_src (const char   *name,
   const char *last_dash = strrchr (name, '-');
   if (!last_dash)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Malformed kernel/initramfs name '%s', missing '-'", name);
-      return FALSE;
+      return glnx_throw (error,
+                        "Malformed kernel/initramfs name '%s', missing '-'",
+                        name);
     }
   *out_checksum = g_strdup (last_dash + 1);
   return TRUE;
@@ -1962,10 +1956,7 @@ ostree_sysroot_deploy_tree (OstreeSysroot     *self,
   if (!glnx_opendirat (self->sysroot_fd, osdeploypath, TRUE, &os_deploy_dfd, error))
     return FALSE;
 
-  glnx_unref_object OstreeRepo *repo = NULL;
-  if (!ostree_sysroot_get_repo (self, &repo, cancellable, error))
-    return FALSE;
-
+  OstreeRepo *repo = ostree_sysroot_repo (self);
   glnx_unref_object OstreeDeployment *merge_deployment = NULL;
   if (provided_merge_deployment != NULL)
     merge_deployment = g_object_ref (provided_merge_deployment);
diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
index 26cfd363..14ee5cad 100644
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@@ -57,6 +57,7 @@ struct OstreeSysroot {
 
   /* Only access through ostree_sysroot_get_repo() */
   OstreeRepo *repo;
+  gboolean repo_opened;
 
   OstreeSysrootDebugFlags debug_flags;
 };
diff --git a/src/libostree/ostree-sysroot-upgrader.c b/src/libostree/ostree-sysroot-upgrader.c
index 9816b3d6..45ef90e6 100644
--- a/src/libostree/ostree-sysroot-upgrader.c
+++ b/src/libostree/ostree-sysroot-upgrader.c
@@ -512,6 +512,10 @@ ostree_sysroot_upgrader_pull_one_dir (OstreeSysrootUpgrader  *self,
   char *refs_to_fetch[] = { NULL, NULL };
   const char *from_revision = NULL;
   g_autofree char *origin_refspec = NULL;
+  g_autofree char *new_revision = NULL;
+  g_autoptr(GVariant) new_variant = NULL;
+  g_autoptr(GVariant) new_metadata = NULL;
+  g_autoptr(GVariant) rebase = NULL;
 
   if (self->override_csum != NULL)
     refs_to_fetch[0] = self->override_csum;
@@ -541,6 +545,48 @@ ostree_sysroot_upgrader_pull_one_dir (OstreeSysrootUpgrader  *self,
         ostree_async_progress_finish (progress);
     }
 
+  /* Check to see if the commit marks the ref as EOL, redirecting to
+   * another. */
+  if (!ostree_repo_resolve_rev (repo, origin_refspec, FALSE,
+                                &new_revision, error))
+    return FALSE;
+
+  if (!ostree_repo_load_variant (repo,
+                                 OSTREE_OBJECT_TYPE_COMMIT,
+                                 new_revision,
+                                 &new_variant,
+                                 error))
+    return FALSE;
+
+  g_variant_get_child (new_variant, 0, "@a{sv}", &new_metadata);
+  rebase = g_variant_lookup_value (new_metadata, "ostree.endoflife-rebase", G_VARIANT_TYPE_STRING);
+  if (rebase)
+    {
+      const char *new_ref = g_variant_get_string (rebase, 0);
+
+      /* Pull the new ref */
+      if (self->origin_remote &&
+          (upgrader_flags & OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_SYNTHETIC) == 0)
+        {
+          refs_to_fetch[0] = (char *) new_ref;
+          if (!ostree_repo_pull_one_dir (repo, self->origin_remote, dir_to_pull, refs_to_fetch,
+                                         flags, progress, cancellable, error))
+            return FALSE;
+        }
+
+        /* Use the new ref for the rest of the update process */
+        g_free (self->origin_ref);
+        self->origin_ref = g_strdup(new_ref);
+        g_free (origin_refspec);
+
+        if (self->origin_remote)
+          origin_refspec = g_strconcat (self->origin_remote, ":", new_ref, NULL);
+        else
+          origin_refspec = g_strdup (new_ref);
+
+        g_key_file_set_string (self->origin, "origin", "refspec", origin_refspec);
+    }
+
   if (self->override_csum != NULL)
     {
       if (!ostree_repo_set_ref_immediate (repo,
diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
index e47214c5..90868aae 100644
--- a/src/libostree/ostree-sysroot.c
+++ b/src/libostree/ostree-sysroot.c
@@ -26,6 +26,7 @@
 #include 
 
 #include "ostree-core-private.h"
+#include "ostree-repo-private.h"
 #include "ostree-sepolicy-private.h"
 #include "ostree-sysroot-private.h"
 #include "ostree-deployment-private.h"
@@ -133,6 +134,7 @@ ostree_sysroot_constructed (GObject *object)
 
   repo_path = g_file_resolve_relative_path (self->path, "ostree/repo");
   self->repo = ostree_repo_new_for_sysroot_path (repo_path, self->path);
+  self->repo->is_system = TRUE;
 
   G_OBJECT_CLASS (ostree_sysroot_parent_class)->constructed (object);
 }
@@ -727,6 +729,18 @@ ostree_sysroot_load (OstreeSysroot  *self,
   return ostree_sysroot_load_if_changed (self, NULL, cancellable, error);
 }
 
+static gboolean
+ensure_repo_opened (OstreeSysroot  *self,
+                    GError        **error)
+{
+  if (self->repo_opened)
+    return TRUE;
+  if (!ostree_repo_open (self->repo, NULL, error))
+    return FALSE;
+  self->repo_opened = TRUE;
+  return TRUE;
+}
+
 gboolean
 ostree_sysroot_load_if_changed (OstreeSysroot  *self,
                                 gboolean       *out_changed,
@@ -736,6 +750,13 @@ ostree_sysroot_load_if_changed (OstreeSysroot  *self,
   if (!ensure_sysroot_fd (self, error))
     return FALSE;
 
+  /* Here we also lazily initialize the repository.  We didn't do this
+   * previous to v2017.6, but we do now to support the error-free
+   * ostree_sysroot_repo() API.
+   */
+  if (!ensure_repo_opened (self, error))
+    return FALSE;
+
   int bootversion = 0;
   if (!read_current_bootversion (self, &bootversion, cancellable, error))
     return FALSE;
@@ -916,8 +937,7 @@ ostree_sysroot_get_repo (OstreeSysroot         *self,
                          GCancellable  *cancellable,
                          GError       **error)
 {
-  /* ostree_repo_open() is idempotent. */
-  if (!ostree_repo_open (self->repo, cancellable, error))
+  if (!ensure_repo_opened (self, error))
     return FALSE;
 
   if (out_repo != NULL)
@@ -925,6 +945,24 @@ ostree_sysroot_get_repo (OstreeSysroot         *self,
   return TRUE;
 }
 
+/**
+ * ostree_sysroot_repo:
+ * @self: Sysroot
+ *
+ * This function is a variant of ostree_sysroot_get_repo() that cannot fail, and
+ * returns a cached repository. Can only be called after ostree_sysroot_load()
+ * has been invoked successfully.
+ *
+ * Returns: (transfer none): The OSTree repository in sysroot @self.
+ */
+OstreeRepo *
+ostree_sysroot_repo (OstreeSysroot *self)
+{
+  g_return_val_if_fail (self->loaded, NULL);
+  g_assert (self->repo);
+  return self->repo;
+}
+
 /**
  * ostree_sysroot_query_bootloader:
  * @sysroot: Sysroot
@@ -1069,6 +1107,63 @@ find_booted_deployment (OstreeSysroot       *self,
   return TRUE;
 }
 
+/**
+ * ostree_sysroot_query_deployments_for:
+ * @self: Sysroot
+ * @osname: (allow-none): "stateroot" name
+ * @out_pending: (out) (allow-none) (transfer full): The pending deployment
+ * @out_rollback: (out) (allow-none) (transfer full): The rollback deployment
+ *
+ * Find the pending and rollback deployments for @osname. Pass %NULL for @osname
+ * to use the booted deployment's osname. By default, pending deployment is the
+ * first deployment in the order that matches @osname, and @rollback will be the
+ * next one after the booted deployment, or the deployment after the pending if
+ * we're not looking at the booted deployment.
+ *
+ * Since: 2017.7
+ */
+void
+ostree_sysroot_query_deployments_for (OstreeSysroot     *self,
+                                      const char        *osname,
+                                      OstreeDeployment  **out_pending,
+                                      OstreeDeployment  **out_rollback)
+{
+  g_return_if_fail (osname != NULL || self->booted_deployment != NULL);
+  g_autoptr(OstreeDeployment) ret_pending = NULL;
+  g_autoptr(OstreeDeployment) ret_rollback = NULL;
+
+  if (osname == NULL)
+    osname = ostree_deployment_get_osname (self->booted_deployment);
+
+  gboolean found_booted = FALSE;
+  for (guint i = 0; i < self->deployments->len; i++)
+    {
+      OstreeDeployment *deployment = self->deployments->pdata[i];
+
+      /* Is this deployment booted?  If so, note we're past the booted */
+      if (self->booted_deployment != NULL &&
+          ostree_deployment_equal (deployment, self->booted_deployment))
+        {
+          found_booted = TRUE;
+          continue;
+        }
+
+      /* Ignore deployments not for this osname */
+      if (strcmp (ostree_deployment_get_osname (deployment), osname) != 0)
+          continue;
+
+      if (!found_booted && !ret_pending)
+        ret_pending = g_object_ref (deployment);
+      else if (found_booted && !ret_rollback)
+        ret_rollback = g_object_ref (deployment);
+    }
+  if (out_pending)
+    *out_pending = g_steal_pointer (&ret_pending);
+  if (out_rollback)
+    *out_rollback = g_steal_pointer (&ret_rollback);
+}
+
+
 /**
  * ostree_sysroot_get_merge_deployment:
  * @self: Sysroot
@@ -1094,23 +1189,13 @@ ostree_sysroot_get_merge_deployment (OstreeSysroot     *self,
    */
   if (self->booted_deployment &&
       g_strcmp0 (ostree_deployment_get_osname (self->booted_deployment), osname) == 0)
-    {
       return g_object_ref (self->booted_deployment);
-    }
   else
     {
-      guint i;
-      for (i = 0; i < self->deployments->len; i++)
-        {
-          OstreeDeployment *deployment = self->deployments->pdata[i];
-
-          if (strcmp (ostree_deployment_get_osname (deployment), osname) != 0)
-            continue;
-
-          return g_object_ref (deployment);
-        }
+      g_autoptr(OstreeDeployment) pending = NULL;
+      ostree_sysroot_query_deployments_for (self, osname, &pending, NULL);
+      return g_steal_pointer (&pending);
     }
-  return NULL;
 }
 
 /**
@@ -1352,6 +1437,11 @@ ostree_sysroot_init_osname (OstreeSysroot       *self,
  * If %OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_NOT_DEFAULT is
  * specified, then instead of prepending, the new deployment will be
  * added right after the booted or merge deployment, instead of first.
+ *
+ * If %OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_NO_CLEAN is
+ * specified, then no cleanup will be performed after adding the
+ * deployment. Make sure to call ostree_sysroot_cleanup() sometime
+ * later, instead.
  */
 gboolean
 ostree_sysroot_simple_write_deployment (OstreeSysroot      *sysroot,
diff --git a/src/libostree/ostree-sysroot.h b/src/libostree/ostree-sysroot.h
index 09614b55..3d2446f9 100644
--- a/src/libostree/ostree-sysroot.h
+++ b/src/libostree/ostree-sysroot.h
@@ -126,6 +126,9 @@ gboolean ostree_sysroot_write_origin_file (OstreeSysroot         *sysroot,
                                            GCancellable          *cancellable,
                                            GError               **error);
 
+_OSTREE_PUBLIC
+OstreeRepo * ostree_sysroot_repo (OstreeSysroot *self);
+
 _OSTREE_PUBLIC
 gboolean ostree_sysroot_get_repo (OstreeSysroot         *self,
                                   OstreeRepo           **out_repo,
@@ -184,6 +187,12 @@ gboolean ostree_sysroot_deployment_unlock (OstreeSysroot     *self,
                                            GCancellable      *cancellable,
                                            GError           **error);
 
+_OSTREE_PUBLIC
+void ostree_sysroot_query_deployments_for (OstreeSysroot     *self,
+                                           const char        *osname,
+                                           OstreeDeployment  **out_pending,
+                                           OstreeDeployment  **out_rollback);
+
 _OSTREE_PUBLIC
 OstreeDeployment *ostree_sysroot_get_merge_deployment (OstreeSysroot     *self,
                                                        const char        *osname);
diff --git a/src/libostree/ostree-version.h b/src/libostree/ostree-version.h
index f9549150..85491b0d 100644
--- a/src/libostree/ostree-version.h
+++ b/src/libostree/ostree-version.h
@@ -32,6 +32,8 @@
  * OSTREE_YEAR_VERSION:
  *
  * ostree year version component (e.g. 2017 if %OSTREE_VERSION is 2017.2)
+ *
+ * Since: 2017.4
  */
 #define OSTREE_YEAR_VERSION (2017)
 
@@ -39,23 +41,29 @@
  * OSTREE_RELEASE_VERSION:
  *
  * ostree release version component (e.g. 2 if %OSTREE_VERSION is 2017.2)
+ *
+ * Since: 2017.4
  */
-#define OSTREE_RELEASE_VERSION (6)
+#define OSTREE_RELEASE_VERSION (7)
 
 /**
  * OSTREE_VERSION
  *
  * ostree version.
+ *
+ * Since: 2017.4
  */
-#define OSTREE_VERSION (2017.6)
+#define OSTREE_VERSION (2017.7)
 
 /**
  * OSTREE_VERSION_S:
  *
  * ostree version, encoded as a string, useful for printing and
  * concatenation.
+ *
+ * Since: 2017.4
  */
-#define OSTREE_VERSION_S "2017.6"
+#define OSTREE_VERSION_S "2017.7"
 
 #define OSTREE_ENCODE_VERSION(year,release) \
         ((year) << 16 | (release))
@@ -65,6 +73,8 @@
  *
  * ostree version, encoded as an hexadecimal number, useful for
  * integer comparisons.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_VERSION_HEX \
         (OSTREE_ENCODE_VERSION (OSTREE_YEAR_VERSION, OSTREE_RELEASE_VERSION))
@@ -76,6 +86,8 @@
  *
  * Compile-time version checking. Evaluates to %TRUE if the version
  * of ostree is equal or greater than the required one.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_CHECK_VERSION(year,release)   \
         (OSTREE_YEAR_VERSION > (year) || \
diff --git a/src/libostree/ostree-version.h.in b/src/libostree/ostree-version.h.in
index 7d775cc2..3f4d0fb7 100644
--- a/src/libostree/ostree-version.h.in
+++ b/src/libostree/ostree-version.h.in
@@ -32,6 +32,8 @@
  * OSTREE_YEAR_VERSION:
  *
  * ostree year version component (e.g. 2017 if %OSTREE_VERSION is 2017.2)
+ *
+ * Since: 2017.4
  */
 #define OSTREE_YEAR_VERSION (@YEAR_VERSION@)
 
@@ -39,6 +41,8 @@
  * OSTREE_RELEASE_VERSION:
  *
  * ostree release version component (e.g. 2 if %OSTREE_VERSION is 2017.2)
+ *
+ * Since: 2017.4
  */
 #define OSTREE_RELEASE_VERSION (@RELEASE_VERSION@)
 
@@ -46,6 +50,8 @@
  * OSTREE_VERSION
  *
  * ostree version.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_VERSION (@VERSION@)
 
@@ -54,6 +60,8 @@
  *
  * ostree version, encoded as a string, useful for printing and
  * concatenation.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_VERSION_S "@VERSION@"
 
@@ -65,6 +73,8 @@
  *
  * ostree version, encoded as an hexadecimal number, useful for
  * integer comparisons.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_VERSION_HEX \
         (OSTREE_ENCODE_VERSION (OSTREE_YEAR_VERSION, OSTREE_RELEASE_VERSION))
@@ -76,6 +86,8 @@
  *
  * Compile-time version checking. Evaluates to %TRUE if the version
  * of ostree is equal or greater than the required one.
+ *
+ * Since: 2017.4
  */
 #define OSTREE_CHECK_VERSION(year,release)   \
         (OSTREE_YEAR_VERSION > (year) || \
diff --git a/src/libotutil/ot-fs-utils.c b/src/libotutil/ot-fs-utils.c
index 529077fb..8ed88984 100644
--- a/src/libotutil/ot-fs-utils.c
+++ b/src/libotutil/ot-fs-utils.c
@@ -25,6 +25,61 @@
 #include 
 #include 
 
+/* Before https://github.com/GNOME/libglnx/commit/9929adc, the libglnx
+ * tmpfile API made it hard to clean up tmpfiles in failure cases.
+ * it's API breaking. Carry the fix here until we're ready to fully port.
+ */
+void
+ot_tmpfile_clear (OtTmpfile *tmpf)
+{
+  if (!tmpf->initialized)
+    return;
+  if (tmpf->fd == -1)
+    return;
+  (void) close (tmpf->fd);
+  /* If ->path is set, we're likely aborting due to an error. Clean it up */
+  if (tmpf->path)
+    {
+      (void) unlinkat (tmpf->src_dfd, tmpf->path, 0);
+      g_free (tmpf->path);
+    }
+}
+
+gboolean
+ot_open_tmpfile_linkable_at (int dfd,
+                             const char *subpath,
+                             int flags,
+                             OtTmpfile *out_tmpf,
+                             GError **error)
+{
+  if (!glnx_open_tmpfile_linkable_at (dfd, subpath, flags, &out_tmpf->fd, &out_tmpf->path, error))
+    return FALSE;
+  out_tmpf->initialized = TRUE;
+  out_tmpf->src_dfd = dfd;
+  return TRUE;
+}
+
+gboolean
+ot_link_tmpfile_at (OtTmpfile *tmpf,
+                    GLnxLinkTmpfileReplaceMode mode,
+                    int target_dfd,
+                    const char *target,
+                    GError **error)
+{
+  g_return_val_if_fail (tmpf->initialized, FALSE);
+  glnx_fd_close int fd = glnx_steal_fd (&tmpf->fd);
+  if (!glnx_link_tmpfile_at (tmpf->src_dfd, mode, fd, tmpf->path,
+                             target_dfd, target, error))
+    {
+      if (tmpf->path)
+        (void) unlinkat (tmpf->src_dfd, tmpf->path, 0);
+      tmpf->initialized = FALSE;
+      return FALSE;
+    }
+  tmpf->initialized = FALSE;
+  return TRUE;
+}
+
 /* Convert a fd-relative path to a GFile* - use
  * for legacy code.
  */
@@ -42,24 +97,15 @@ ot_readlinkat_gfile_info (int             dfd,
                           GCancellable   *cancellable,
                           GError        **error)
 {
-  gboolean ret = FALSE;
   char targetbuf[PATH_MAX+1];
   ssize_t len;
 
-  do
-    len = readlinkat (dfd, path, targetbuf, sizeof (targetbuf) - 1);
-  while (G_UNLIKELY (len == -1 && errno == EINTR));
-  if (len == -1)
-    {
-      glnx_set_error_from_errno (error);
-      goto out;
-    }
+  if (TEMP_FAILURE_RETRY (len = readlinkat (dfd, path, targetbuf, sizeof (targetbuf) - 1)) < 0)
+    return glnx_throw_errno_prefix (error, "readlinkat");
   targetbuf[len] = '\0';
   g_file_info_set_symlink_target (target_info, targetbuf);
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 
@@ -85,26 +131,17 @@ ot_openat_read_stream (int             dfd,
                        GCancellable   *cancellable,
                        GError        **error)
 {
-  gboolean ret = FALSE;
   int fd = -1;
   int flags = O_RDONLY | O_NOCTTY | O_CLOEXEC;
 
   if (!follow)
     flags |= O_NOFOLLOW;
 
-  do
-    fd = openat (dfd, path, flags, 0);
-  while (G_UNLIKELY (fd == -1 && errno == EINTR));
-  if (fd == -1)
-    {
-      glnx_set_error_from_errno (error);
-      goto out;
-    }
+  if (TEMP_FAILURE_RETRY (fd = openat (dfd, path, flags, 0)) < 0)
+    return glnx_throw_errno_prefix (error, "openat(%s)", path);
 
   *out_istream = g_unix_input_stream_new (fd, TRUE);
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 gboolean
@@ -115,10 +152,7 @@ ot_ensure_unlinked_at (int dfd,
   if (unlinkat (dfd, path, 0) != 0)
     {
       if (G_UNLIKELY (errno != ENOENT))
-        {
-          glnx_set_error_from_errno (error);
-          return FALSE;
-        }
+        return glnx_throw_errno_prefix (error, "unlink(%s)", path);
     }
   return TRUE;
 }
@@ -134,10 +168,7 @@ ot_query_exists_at (int dfd, const char *path,
   if (fstatat (dfd, path, &stbuf, AT_SYMLINK_NOFOLLOW) < 0)
     {
       if (errno != ENOENT)
-        {
-          glnx_set_error_from_errno (error);
-          return FALSE;
-        }
+        return glnx_throw_errno_prefix (error, "fstatat(%s)", path);
       ret_exists = FALSE;
     }
   else
@@ -153,23 +184,15 @@ ot_openat_ignore_enoent (int dfd,
                          int *out_fd,
                          GError **error)
 {
-  gboolean ret = FALSE;
-  int target_fd = -1;
-
-  target_fd = openat (dfd, path, O_CLOEXEC | O_RDONLY);
+  int target_fd = openat (dfd, path, O_CLOEXEC | O_RDONLY);
   if (target_fd < 0)
     {
       if (errno != ENOENT)
-        {
-          glnx_set_error_from_errno (error);
-          goto out;
-        }
+        return glnx_throw_errno_prefix (error, "openat(%s)", path);
     }
 
-  ret = TRUE;
   *out_fd = target_fd;
- out:
-  return ret;
+  return TRUE;
 }
 
 /* Like glnx_dirfd_iterator_init_at(), but if %ENOENT, then set
@@ -206,10 +229,7 @@ ot_file_mapat_bytes (int dfd,
   g_autoptr(GMappedFile) mfile = NULL;
 
   if (fd < 0)
-    {
-      glnx_set_error_from_errno (error);
-      return FALSE;
-    }
+    return glnx_null_throw_errno_prefix (error, "openat(%s)", path);
 
   mfile = g_mapped_file_new_from_fd (fd, FALSE, error);
   if (!mfile)
diff --git a/src/libotutil/ot-fs-utils.h b/src/libotutil/ot-fs-utils.h
index 14df8acb..26c5a499 100644
--- a/src/libotutil/ot-fs-utils.h
+++ b/src/libotutil/ot-fs-utils.h
@@ -25,6 +25,30 @@
 
 G_BEGIN_DECLS
 
+/* This is a copy of https://github.com/GNOME/libglnx/pull/46 until we
+ * can do a full port; see https://github.com/ostreedev/ostree/pull/861 */
+typedef struct {
+  gboolean initialized;
+  int src_dfd;
+  int fd;
+  char *path;
+} OtTmpfile;
+void ot_tmpfile_clear (OtTmpfile *tmpf);
+G_DEFINE_AUTO_CLEANUP_CLEAR_FUNC(OtTmpfile, ot_tmpfile_clear);
+
+gboolean
+ot_open_tmpfile_linkable_at (int dfd,
+                             const char *subpath,
+                             int flags,
+                             OtTmpfile *out_tmpf,
+                             GError **error);
+gboolean
+ot_link_tmpfile_at (OtTmpfile *tmpf,
+                    GLnxLinkTmpfileReplaceMode flags,
+                    int target_dfd,
+                    const char *target,
+                    GError **error);
+
 GFile * ot_fdrel_to_gfile (int dfd, const char *path);
 
 gboolean ot_readlinkat_gfile_info (int             dfd,
diff --git a/src/libotutil/ot-gio-utils.c b/src/libotutil/ot-gio-utils.c
index 5d12d430..a4b61842 100644
--- a/src/libotutil/ot-gio-utils.c
+++ b/src/libotutil/ot-gio-utils.c
@@ -100,10 +100,7 @@ ot_gfile_ensure_unlinked (GFile         *path,
   if (unlink (gs_file_get_path_cached (path)) != 0)
     {
       if (errno != ENOENT)
-        {
-          glnx_set_error_from_errno (error);
-          return FALSE;
-        }
+        return glnx_throw_errno_prefix (error, "unlink(%s)", gs_file_get_path_cached (path));
     }
   return TRUE;
 }
diff --git a/src/libotutil/ot-tool-util.c b/src/libotutil/ot-tool-util.c
index 1043f55f..0743c528 100644
--- a/src/libotutil/ot-tool-util.c
+++ b/src/libotutil/ot-tool-util.c
@@ -40,9 +40,7 @@ ot_parse_boolean (const char  *value,
     *out_parsed = FALSE;
   else
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Invalid boolean argument '%s'", value);
-      return FALSE;
+      return glnx_throw (error, "Invalid boolean argument '%s'", value);
     }
 
   return TRUE;
@@ -57,9 +55,7 @@ ot_parse_keyvalue (const char  *keyvalue,
   const char *eq = strchr (keyvalue, '=');
   if (!eq)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Missing '=' in KEY=VALUE for --set");
-      return FALSE;
+      return glnx_throw (error, "Missing '=' in KEY=VALUE for --set");
     }
   *out_key = g_strndup (keyvalue, eq - keyvalue);
   *out_value = g_strdup (eq + 1);
diff --git a/src/libotutil/ot-unix-utils.c b/src/libotutil/ot-unix-utils.c
index 46dd346e..54547dd9 100644
--- a/src/libotutil/ot-unix-utils.c
+++ b/src/libotutil/ot-unix-utils.c
@@ -41,21 +41,15 @@ ot_util_filename_validate (const char *name,
 {
   if (strcmp (name, ".") == 0)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Invalid self-referential filename '.'");
-      return FALSE;
+      return glnx_throw (error, "Invalid self-referential filename '.'");
     }
   if (strcmp (name, "..") == 0)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Invalid path uplink filename '..'");
-      return FALSE;
+      return glnx_throw (error, "Invalid path uplink filename '..'");
     }
   if (strchr (name, '/') != NULL)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Invalid / in filename %s", name);
-      return FALSE;
+      return glnx_throw (error, "Invalid / in filename %s", name);
     }
   return TRUE;
 }
diff --git a/src/ostree/ot-admin-builtin-deploy.c b/src/ostree/ot-admin-builtin-deploy.c
index e59bec8e..709c635e 100644
--- a/src/ostree/ot-admin-builtin-deploy.c
+++ b/src/ostree/ot-admin-builtin-deploy.c
@@ -56,7 +56,7 @@ ot_admin_builtin_deploy (int argc, char **argv, GCancellable *cancellable, GErro
   const char *refspec;
   g_autoptr(GOptionContext) context = NULL;
   glnx_unref_object OstreeSysroot *sysroot = NULL;
-  GKeyFile *origin = NULL;
+  g_autoptr(GKeyFile) origin = NULL;
   glnx_unref_object OstreeRepo *repo = NULL;
   glnx_unref_object OstreeDeployment *new_deployment = NULL;
   glnx_unref_object OstreeDeployment *merge_deployment = NULL;
@@ -171,7 +171,5 @@ ot_admin_builtin_deploy (int argc, char **argv, GCancellable *cancellable, GErro
 
   ret = TRUE;
  out:
-  if (origin)
-    g_key_file_unref (origin);
   return ret;
 }
diff --git a/src/ostree/ot-admin-builtin-status.c b/src/ostree/ot-admin-builtin-status.c
index 79621a1d..a437e7cf 100644
--- a/src/ostree/ot-admin-builtin-status.c
+++ b/src/ostree/ot-admin-builtin-status.c
@@ -88,6 +88,8 @@ ot_admin_builtin_status (int argc, char **argv, GCancellable *cancellable, GErro
   gboolean ret = FALSE;
   glnx_unref_object OstreeRepo *repo = NULL;
   OstreeDeployment *booted_deployment = NULL;
+  g_autoptr(OstreeDeployment) pending_deployment = NULL;
+  g_autoptr(OstreeDeployment) rollback_deployment = NULL;
   g_autoptr(GPtrArray) deployments = NULL;
   const int is_tty = isatty (1);
   const char *red_bold_prefix = is_tty ? "\x1b[31m\x1b[1m" : "";
@@ -110,6 +112,10 @@ ot_admin_builtin_status (int argc, char **argv, GCancellable *cancellable, GErro
   deployments = ostree_sysroot_get_deployments (sysroot);
   booted_deployment = ostree_sysroot_get_booted_deployment (sysroot);
 
+  if (booted_deployment)
+    ostree_sysroot_query_deployments_for (sysroot, NULL, &pending_deployment,
+                                          &rollback_deployment);
+
   if (deployments->len == 0)
     {
       g_print ("No deployments.\n");
@@ -129,11 +135,17 @@ ot_admin_builtin_status (int argc, char **argv, GCancellable *cancellable, GErro
 
           origin = ostree_deployment_get_origin (deployment);
 
-          g_print ("%c %s %s.%d\n",
+          const char *deployment_status = "";
+          if (deployment == pending_deployment)
+            deployment_status = " (pending)";
+          else if (deployment == rollback_deployment)
+            deployment_status = " (rollback)";
+          g_print ("%c %s %s.%d%s\n",
                    deployment == booted_deployment ? '*' : ' ',
                    ostree_deployment_get_osname (deployment),
                    ostree_deployment_get_csum (deployment),
-                   ostree_deployment_get_deployserial (deployment));
+                   ostree_deployment_get_deployserial (deployment),
+                   deployment_status);
           if (version)
             g_print ("    Version: %s\n", version);
           switch (unlocked)
diff --git a/src/ostree/ot-admin-builtin-switch.c b/src/ostree/ot-admin-builtin-switch.c
index d72aeebd..9df77f05 100644
--- a/src/ostree/ot-admin-builtin-switch.c
+++ b/src/ostree/ot-admin-builtin-switch.c
@@ -58,7 +58,7 @@ ot_admin_builtin_switch (int argc, char **argv, GCancellable *cancellable, GErro
   glnx_unref_object OstreeAsyncProgress *progress = NULL;
   gboolean changed;
   GKeyFile *old_origin;
-  GKeyFile *new_origin = NULL;
+  g_autoptr(GKeyFile) new_origin = NULL;
 
   context = g_option_context_new ("REF - Construct new tree from REF and deploy it");
 
@@ -166,7 +166,5 @@ ot_admin_builtin_switch (int argc, char **argv, GCancellable *cancellable, GErro
 
   ret = TRUE;
  out:
-  if (new_origin)
-    g_key_file_unref (new_origin);
   return ret;
 }
diff --git a/src/ostree/ot-builtin-cat.c b/src/ostree/ot-builtin-cat.c
index a784afe1..db0ffab3 100644
--- a/src/ostree/ot-builtin-cat.c
+++ b/src/ostree/ot-builtin-cat.c
@@ -39,64 +39,45 @@ cat_one_file (GFile         *f,
               GCancellable  *cancellable,
               GError       **error)
 {
-  gboolean ret = FALSE;
-  g_autoptr(GInputStream) in = NULL;
-  
-  in = (GInputStream*)g_file_read (f, cancellable, error);
+  g_autoptr(GInputStream) in = (GInputStream*)g_file_read (f, cancellable, error);
   if (!in)
-    goto out;
+    return FALSE;
 
-  {
-    gssize n_bytes_written = g_output_stream_splice (stdout_stream, in, G_OUTPUT_STREAM_SPLICE_CLOSE_SOURCE,
-                                                     cancellable, error);
-    if (n_bytes_written < 0)
-      goto out;
-  }
+  if (g_output_stream_splice (stdout_stream, in, G_OUTPUT_STREAM_SPLICE_CLOSE_SOURCE,
+                              cancellable, error) < 0)
+    return FALSE;
 
-  ret = TRUE;
- out:
-  return ret;
+  return TRUE;
 }
 
 gboolean
 ostree_builtin_cat (int argc, char **argv, GCancellable *cancellable, GError **error)
 {
-  g_autoptr(GOptionContext) context = NULL;
-  glnx_unref_object OstreeRepo *repo = NULL;
-  gboolean ret = FALSE;
-  int i;
-  const char *rev;
-  g_autoptr(GOutputStream) stdout_stream = NULL;
-  g_autoptr(GFile) root = NULL;
-  g_autoptr(GFile) f = NULL;
-
-  context = g_option_context_new ("COMMIT PATH... - Concatenate contents of files");
-
+  g_autoptr(GOptionContext) context = g_option_context_new ("COMMIT PATH... - Concatenate contents of files");
+  g_autoptr(OstreeRepo) repo = NULL;
   if (!ostree_option_context_parse (context, options, &argc, &argv, OSTREE_BUILTIN_FLAG_NONE, &repo, cancellable, error))
-    goto out;
+    return FALSE;
 
   if (argc <= 2)
     {
       ot_util_usage_error (context, "A COMMIT and at least one PATH argument are required", error);
-      goto out;
+      return FALSE;
     }
-  rev = argv[1];
+  const char *rev = argv[1];
 
+  g_autoptr(GFile) root = NULL;
   if (!ostree_repo_read_commit (repo, rev, &root, NULL, NULL, error))
-    goto out;
+    return FALSE;
 
-  stdout_stream = g_unix_output_stream_new (1, FALSE);
+  g_autoptr(GOutputStream) stdout_stream = g_unix_output_stream_new (1, FALSE);
 
-  for (i = 2; i < argc; i++)
+  for (int i = 2; i < argc; i++)
     {
-      g_clear_object (&f);
-      f = g_file_resolve_relative_path (root, argv[i]);
+      g_autoptr(GFile) f = g_file_resolve_relative_path (root, argv[i]);
 
       if (!cat_one_file (f, stdout_stream, cancellable, error))
-        goto out;
+        return FALSE;
     }
- 
-  ret = TRUE;
- out:
-  return ret;
+
+  return TRUE;
 }
diff --git a/src/ostree/ot-builtin-checkout.c b/src/ostree/ot-builtin-checkout.c
index 8ffe5bb7..937c5b96 100644
--- a/src/ostree/ot-builtin-checkout.c
+++ b/src/ostree/ot-builtin-checkout.c
@@ -43,6 +43,7 @@ static char *opt_from_file;
 static gboolean opt_disable_fsync;
 static gboolean opt_require_hardlinks;
 static gboolean opt_force_copy;
+static gboolean opt_bareuseronly_dirs;
 
 static gboolean
 parse_fsync_cb (const char  *option_name,
@@ -73,6 +74,7 @@ static GOptionEntry options[] = {
   { "fsync", 0, 0, G_OPTION_ARG_CALLBACK, parse_fsync_cb, "Specify how to invoke fsync()", "POLICY" },
   { "require-hardlinks", 'H', 0, G_OPTION_ARG_NONE, &opt_require_hardlinks, "Do not fall back to full copies if hardlinking fails", NULL },
   { "force-copy", 'C', 0, G_OPTION_ARG_NONE, &opt_force_copy, "Never hardlink (but may reflink if available)", NULL },
+  { "bareuseronly-dirs", 'M', 0, G_OPTION_ARG_NONE, &opt_bareuseronly_dirs, "Suppress mode bits outside of 0775 for directories (suid, world writable, etc.)", NULL },
   { NULL }
 };
 
@@ -91,7 +93,8 @@ process_one_checkout (OstreeRepo           *repo,
    * `ostree_repo_checkout_at` until such time as we have a more
    * convenient infrastructure for testing C APIs with data.
    */
-  if (opt_disable_cache || opt_whiteouts || opt_require_hardlinks || opt_union_add || opt_force_copy)
+  if (opt_disable_cache || opt_whiteouts || opt_require_hardlinks ||
+      opt_union_add || opt_force_copy || opt_bareuseronly_dirs)
     {
       OstreeRepoCheckoutAtOptions options = { 0, };
 
@@ -119,6 +122,7 @@ process_one_checkout (OstreeRepo           *repo,
         options.subpath = subpath;
       options.no_copy_fallback = opt_require_hardlinks;
       options.force_copy = opt_force_copy;
+      options.bareuseronly_dirs = opt_bareuseronly_dirs;
 
       if (!ostree_repo_checkout_at (repo, &options,
                                     AT_FDCWD, destination,
diff --git a/src/ostree/ot-builtin-commit.c b/src/ostree/ot-builtin-commit.c
index 4b0d8821..c14cbec5 100644
--- a/src/ostree/ot-builtin-commit.c
+++ b/src/ostree/ot-builtin-commit.c
@@ -147,9 +147,7 @@ handle_statoverride_line (const char  *line,
   spc = strchr (line, ' ');
   if (spc == NULL)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Malformed statoverride file (no space found)");
-      return FALSE;
+      return glnx_throw (error, "Malformed statoverride file (no space found)");
     }
 
   mode_add = (guint32)(gint32)g_ascii_strtod (line, NULL);
diff --git a/src/ostree/ot-builtin-config.c b/src/ostree/ot-builtin-config.c
index 0d8f7b77..a9a5f52a 100644
--- a/src/ostree/ot-builtin-config.c
+++ b/src/ostree/ot-builtin-config.c
@@ -41,9 +41,8 @@ split_key_string (const char   *k,
   
   if (!dot)
     {
-      g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
-                   "Key must be of the form \"sectionname.keyname\"");
-      return FALSE;
+      return glnx_throw (error,
+                        "Key must be of the form \"sectionname.keyname\"");
     }
 
   *out_section = g_strndup (k, dot - k);
diff --git a/src/ostree/ot-builtin-pull-local.c b/src/ostree/ot-builtin-pull-local.c
index 28717b85..b19a4c6a 100644
--- a/src/ostree/ot-builtin-pull-local.c
+++ b/src/ostree/ot-builtin-pull-local.c
@@ -33,6 +33,7 @@
 static char *opt_remote;
 static gboolean opt_disable_fsync;
 static gboolean opt_untrusted;
+static gboolean opt_bareuseronly_files;
 static gboolean opt_require_static_deltas;
 static gboolean opt_gpg_verify;
 static gboolean opt_gpg_verify_summary;
@@ -42,6 +43,7 @@ static GOptionEntry options[] = {
   { "remote", 0, 0, G_OPTION_ARG_STRING, &opt_remote, "Add REMOTE to refspec", "REMOTE" },
   { "disable-fsync", 0, 0, G_OPTION_ARG_NONE, &opt_disable_fsync, "Do not invoke fsync()", NULL },
   { "untrusted", 0, 0, G_OPTION_ARG_NONE, &opt_untrusted, "Do not trust source", NULL },
+  { "bareuseronly-files", 0, 0, G_OPTION_ARG_NONE, &opt_bareuseronly_files, "Reject regular files with mode outside of 0775 (world writable, suid, etc.)", NULL },
   { "require-static-deltas", 0, 0, G_OPTION_ARG_NONE, &opt_require_static_deltas, "Require static deltas", NULL },
   { "gpg-verify", 0, 0, G_OPTION_ARG_NONE, &opt_gpg_verify, "GPG verify commits (must specify --remote)", NULL },
   { "gpg-verify-summary", 0, 0, G_OPTION_ARG_NONE, &opt_gpg_verify_summary, "GPG verify summary (must specify --remote)", NULL },
@@ -92,6 +94,8 @@ ostree_builtin_pull_local (int argc, char **argv, GCancellable *cancellable, GEr
 
   if (opt_untrusted)
     pullflags |= OSTREE_REPO_PULL_FLAGS_UNTRUSTED;
+  if (opt_bareuseronly_files)
+    pullflags |= OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES;
 
   if (opt_disable_fsync)
     ostree_repo_set_disable_fsync (repo, TRUE);
diff --git a/src/ostree/ot-builtin-pull.c b/src/ostree/ot-builtin-pull.c
index d88c5ee8..bd3ac115 100644
--- a/src/ostree/ot-builtin-pull.c
+++ b/src/ostree/ot-builtin-pull.c
@@ -34,6 +34,7 @@ static gboolean opt_dry_run;
 static gboolean opt_disable_static_deltas;
 static gboolean opt_require_static_deltas;
 static gboolean opt_untrusted;
+static gboolean opt_bareuseronly_files;
 static char** opt_subpaths;
 static char** opt_http_headers;
 static char* opt_cache_dir;
@@ -50,6 +51,7 @@ static GOptionEntry options[] = {
    { "mirror", 0, 0, G_OPTION_ARG_NONE, &opt_mirror, "Write refs suitable for a mirror", NULL },
    { "subpath", 0, 0, G_OPTION_ARG_FILENAME_ARRAY, &opt_subpaths, "Only pull the provided subpath(s)", NULL },
    { "untrusted", 0, 0, G_OPTION_ARG_NONE, &opt_untrusted, "Do not trust (local) sources", NULL },
+   { "bareuseronly-files", 0, 0, G_OPTION_ARG_NONE, &opt_bareuseronly_files, "Reject regular files with mode outside of 0775 (world writable, suid, etc.)", NULL },
    { "dry-run", 0, 0, G_OPTION_ARG_NONE, &opt_dry_run, "Only print information on what will be downloaded (requires static deltas)", NULL },
    { "depth", 0, 0, G_OPTION_ARG_INT, &opt_depth, "Traverse DEPTH parents (-1=infinite) (default: 0)", "DEPTH" },
    { "url", 0, 0, G_OPTION_ARG_STRING, &opt_url, "Pull objects from this URL instead of the one from the remote config", NULL },
@@ -167,6 +169,8 @@ ostree_builtin_pull (int argc, char **argv, GCancellable *cancellable, GError **
 
   if (opt_untrusted)
     pullflags |= OSTREE_REPO_PULL_FLAGS_UNTRUSTED;
+  if (opt_bareuseronly_files)
+    pullflags |= OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES;
 
   if (opt_dry_run && !opt_require_static_deltas)
     {
diff --git a/src/ostree/ot-dump.c b/src/ostree/ot-dump.c
index b24003c7..e6b8859b 100644
--- a/src/ostree/ot-dump.c
+++ b/src/ostree/ot-dump.c
@@ -71,6 +71,18 @@ format_timestamp (guint64  timestamp,
   return str;
 }
 
+static gchar *
+uint64_secs_to_iso8601 (guint64 secs)
+{
+  g_autoptr(GDateTime) dt = g_date_time_new_from_unix_utc (secs);
+  g_autoptr(GDateTime) local = (dt != NULL) ? g_date_time_to_local (dt) : NULL;
+
+  if (local != NULL)
+    return g_date_time_format (local, "%FT%T%:::z");
+  else
+    return g_strdup ("invalid");
+}
+
 static void
 dump_indented_lines (const gchar *data)
 {
@@ -196,23 +208,27 @@ dump_summary_ref (const char   *ref_name,
 
   while (g_variant_iter_loop (metadata, "{sv}", &key, &value))
     {
-      g_autofree char *string = g_variant_print (value, FALSE);
-      g_print ("    %s: %s\n", key, string);
+      g_autofree gchar *value_str = NULL;
+      const gchar *pretty_key = NULL;
+
+      if (g_strcmp0 (key, OSTREE_COMMIT_TIMESTAMP) == 0)
+        {
+          pretty_key = "Timestamp";
+          value_str = uint64_secs_to_iso8601 (GUINT64_FROM_BE (g_variant_get_uint64 (value)));
+        }
+      else
+        {
+          value_str = g_variant_print (value, FALSE);
+        }
+
+      /* Print out. */
+      if (pretty_key != NULL)
+        g_print ("    %s (%s): %s\n", pretty_key, key, value_str);
+      else
+        g_print ("    %s: %s\n", key, value_str);
     }
 }
 
-static gchar *
-uint64_secs_to_iso8601 (guint64 secs)
-{
-  g_autoptr(GDateTime) dt = g_date_time_new_from_unix_utc (secs);
-  g_autoptr(GDateTime) local = (dt != NULL) ? g_date_time_to_local (dt) : NULL;
-
-  if (local != NULL)
-    return g_date_time_format (local, "%FT%T%:::z");
-  else
-    return g_strdup ("invalid");
-}
-
 void
 ot_dump_summary_bytes (GBytes          *summary_bytes,
                        OstreeDumpFlags  flags)
diff --git a/src/ostree/ot-remote-cookie-util.c b/src/ostree/ot-remote-cookie-util.c
index e3ca9eac..9e152e18 100644
--- a/src/ostree/ot-remote-cookie-util.c
+++ b/src/ostree/ot-remote-cookie-util.c
@@ -202,8 +202,7 @@ ot_delete_cookie_at (int dfd, const char *jar_path,
 {
   gboolean found = FALSE;
 #ifdef HAVE_LIBCURL
-  glnx_fd_close int tempfile_fd = -1;
-  g_autofree char *tempfile_path = NULL;
+  g_auto(OtTmpfile) tmpf = { 0, };
   g_autofree char *dnbuf = NULL;
   const char *dn = NULL;
   g_autoptr(OtCookieParser) parser = NULL;
@@ -213,9 +212,8 @@ ot_delete_cookie_at (int dfd, const char *jar_path,
 
   dnbuf = g_strdup (jar_path);
   dn = dirname (dnbuf);
-  if (!glnx_open_tmpfile_linkable_at (AT_FDCWD, dn, O_WRONLY | O_CLOEXEC,
-                                      &tempfile_fd, &tempfile_path,
-                                      error))
+  if (!ot_open_tmpfile_linkable_at (AT_FDCWD, dn, O_WRONLY | O_CLOEXEC,
+                                    &tmpf, error))
     return FALSE;
 
   while (ot_parse_cookies_next (parser))
@@ -229,19 +227,14 @@ ot_delete_cookie_at (int dfd, const char *jar_path,
           continue;
         }
 
-      if (glnx_loop_write (tempfile_fd, parser->line, strlen (parser->line)) < 0 ||
-          glnx_loop_write (tempfile_fd, "\n", 1) < 0)
-        {
-          glnx_set_error_from_errno (error);
-          return FALSE;
-        }
+      if (glnx_loop_write (tmpf.fd, parser->line, strlen (parser->line)) < 0 ||
+          glnx_loop_write (tmpf.fd, "\n", 1) < 0)
+        return glnx_throw_errno_prefix (error, "write");
     }
 
-  if (!glnx_link_tmpfile_at (AT_FDCWD, GLNX_LINK_TMPFILE_REPLACE,
-                             tempfile_fd,
-                             tempfile_path,
-                             AT_FDCWD, jar_path,
-                             error))
+  if (!ot_link_tmpfile_at (&tmpf, GLNX_LINK_TMPFILE_REPLACE,
+                           AT_FDCWD, jar_path,
+                           error))
     return FALSE;
 #else
   GSList *cookies;
@@ -279,22 +272,11 @@ gboolean
 ot_list_cookies_at (int dfd, const char *jar_path, GError **error)
 {
 #ifdef HAVE_LIBCURL
-  glnx_fd_close int tempfile_fd = -1;
-  g_autofree char *tempfile_path = NULL;
-  g_autofree char *dnbuf = NULL;
-  const char *dn = NULL;
   g_autoptr(OtCookieParser) parser = NULL;
 
   if (!ot_parse_cookies_at (AT_FDCWD, jar_path, &parser, NULL, error))
     return FALSE;
 
-  dnbuf = dirname (g_strdup (jar_path));
-  dn = dnbuf;
-  if (!glnx_open_tmpfile_linkable_at (AT_FDCWD, dn, O_WRONLY | O_CLOEXEC,
-                                      &tempfile_fd, &tempfile_path,
-                                      error))
-    return FALSE;
-
   while (ot_parse_cookies_next (parser))
     {
       g_autoptr(GDateTime) expires = g_date_time_new_from_unix_utc (parser->expiration);
diff --git a/tests/admin-test.sh b/tests/admin-test.sh
index cc06fe6f..671fd905 100644
--- a/tests/admin-test.sh
+++ b/tests/admin-test.sh
@@ -42,6 +42,8 @@ ${CMD_PREFIX} ostree admin deploy --karg=root=LABEL=MOO --karg=quiet --os=testos
 new_mtime=$(stat -c '%.Y' sysroot/ostree/deploy)
 assert_not_streq "${orig_mtime}" "${new_mtime}"
 ${CMD_PREFIX} ostree admin status | tee status.txt
+assert_not_file_has_content status.txt "pending"
+assert_not_file_has_content status.txt "rollback"
 validate_bootloader
 
 echo "ok deploy command"
diff --git a/tests/basic-test.sh b/tests/basic-test.sh
index b209b839..d9b20938 100644
--- a/tests/basic-test.sh
+++ b/tests/basic-test.sh
@@ -19,7 +19,7 @@
 
 set -euo pipefail
 
-echo "1..66"
+echo "1..$((69 + ${extra_basic_tests:-0}))"
 
 $CMD_PREFIX ostree --version > version.yaml
 python -c 'import yaml; yaml.safe_load(open("version.yaml"))'
@@ -28,7 +28,7 @@ echo "ok yaml version"
 CHECKOUT_U_ARG=""
 COMMIT_ARGS=""
 DIFF_ARGS=""
-if grep -q bare-user-only repo/config; then
+if is_bare_user_only_repo repo; then
     # In bare-user-only repos we can only represent files with uid/gid 0, no
     # xattrs and canonical permissions, so we need to commit them as such, or
     # we end up with repos that don't pass fsck
@@ -66,7 +66,7 @@ validate_checkout_basic checkout-test2
 rm checkout-test2 -rf
 # Only do these tests on bare-user/bare, not bare-user-only
 # since the latter automatically synthesizes -U if it's not passed.
-if ! grep -q bare-user-only repo/config; then
+if ! is_bare_user_only_repo repo; then
 if grep -q bare-user repo/config; then
     if $OSTREE checkout -H test2 checkout-test2 2>err.txt; then
         assert_not_reached "checkout -H worked?"
@@ -254,9 +254,44 @@ echo "ok diff file changing type"
 
 cd ${test_tmpdir}
 mkdir repo2
-ostree_repo_init repo2 --mode=bare-user
+# Use a different mode to test hardlinking metadata only
+if grep -q 'mode=archive' repo/config || is_bare_user_only_repo repo; then
+    opposite_mode=bare-user
+else
+    opposite_mode=archive
+fi
+ostree_repo_init repo2 --mode=$opposite_mode
 ${CMD_PREFIX} ostree --repo=repo2 pull-local repo
-echo "ok pull-local"
+test2_commitid=$(${CMD_PREFIX} ostree --repo=repo rev-parse test2)
+test2_commit_relpath=/objects/${test2_commitid:0:2}/${test2_commitid:2}.commit
+assert_files_hardlinked repo/${test2_commit_relpath} repo2/${test2_commit_relpath}
+echo "ok pull-local (hardlinking metadata)"
+
+cd ${test_tmpdir}
+rm repo2 -rf && mkdir repo2
+ostree_repo_init repo2 --mode=$opposite_mode
+${CMD_PREFIX} ostree --repo=repo2 pull-local --bareuseronly-files repo test2
+${CMD_PREFIX} ostree --repo=repo2 fsck -q
+echo "ok pull-local --bareuseronly-files"
+
+# This is mostly a copy of the suid test in test-basic-user-only.sh,
+# but for the `pull --bareuseronly-files` case.
+cd ${test_tmpdir}
+rm repo-input -rf
+ostree_repo_init repo-input init --mode=archive
+cd ${test_tmpdir}
+cat > statoverride.txt < files/some-setuid
+chmod 0644 files/some-setuid
+$CMD_PREFIX ostree --repo=repo-input commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=files
+if $CMD_PREFIX ostree pull-local --repo=repo --bareuseronly-files repo-input content-with-suid 2>err.txt; then
+    assert_not_reached "copying suid file with --bareuseronly-files worked?"
+fi
+assert_file_has_content err.txt 'object.*\.file: invalid mode.*with bits 040.*'
+echo "ok pull-local (bareuseronly files)"
 
 cd ${test_tmpdir}
 ${CMD_PREFIX} ostree --repo=repo2 checkout ${CHECKOUT_U_ARG} test2 test2-checkout-from-local-clone
@@ -312,8 +347,13 @@ cd ${test_tmpdir}/checkout-test2-4
 $OSTREE commit ${COMMIT_ARGS} -b test2-override -s "with statoverride" --statoverride=../test-statoverride.txt
 cd ${test_tmpdir}
 $OSTREE checkout test2-override checkout-test2-override
-test -g checkout-test2-override/a/nested/2
-test -u checkout-test2-override/a/nested/3
+if ! is_bare_user_only_repo repo; then
+    test -g checkout-test2-override/a/nested/2
+    test -u checkout-test2-override/a/nested/3
+else
+    test '!' -g checkout-test2-override/a/nested/2
+    test '!' -u checkout-test2-override/a/nested/3
+fi
 echo "ok commit statoverride"
 
 cd ${test_tmpdir}
@@ -333,8 +373,30 @@ $OSTREE prune
 echo "ok prune didn't fail"
 
 cd ${test_tmpdir}
+# Verify we can't cat dirs
+for path in / /baz; do
+    if $OSTREE cat test2 $path 2>err.txt; then
+        assert_not_reached "cat directory"
+    fi
+    assert_file_has_content err.txt "open directory"
+done
+rm checkout-test2 -rf
 $OSTREE cat test2 /yet/another/tree/green > greenfile-contents
 assert_file_has_content greenfile-contents "leaf"
+$OSTREE checkout test2 checkout-test2
+ls -alR checkout-test2
+ln -sr checkout-test2/{four,four-link}
+ln -sr checkout-test2/{baz/cow,cow-link}
+ln -sr checkout-test2/{cow-link,cow-link-link}
+$OSTREE commit -b test2-withlink --tree=dir=checkout-test2
+if $OSTREE cat test2-withlink /four-link 2>err.txt; then
+    assert_not_reached "cat directory"
+fi
+assert_file_has_content err.txt "open directory"
+for path in /cow-link /cow-link-link; do
+    $OSTREE cat test2-withlink $path >contents.txt
+    assert_file_has_content contents.txt moo
+done
 echo "ok cat-file"
 
 cd ${test_tmpdir}
@@ -383,6 +445,22 @@ assert_file_has_content checkout-test-union-add/union-add-test 'existing file fo
 assert_file_has_content checkout-test-union-add/union-add-test2 'another file for union add testing'
 echo "ok checkout union add"
 
+cd ${test_tmpdir}
+rm files -rf && mkdir files
+mkdir files/worldwritable-dir
+chmod a+w files/worldwritable-dir
+$CMD_PREFIX ostree --repo=repo commit -b content-with-dir-world-writable --tree=dir=files
+rm dir-co -rf
+$CMD_PREFIX ostree --repo=repo checkout -U -H -M content-with-dir-world-writable dir-co
+assert_file_has_mode dir-co/worldwritable-dir 775
+if ! is_bare_user_only_repo repo; then
+    rm dir-co -rf
+    $CMD_PREFIX ostree --repo=repo checkout -U -H content-with-dir-world-writable dir-co
+    assert_file_has_mode dir-co/worldwritable-dir 777
+fi
+rm dir-co -rf
+echo "ok checkout bareuseronly dir"
+
 cd ${test_tmpdir}
 rm -rf shadow-repo
 mkdir shadow-repo
@@ -566,6 +644,17 @@ rm test2-checkout -rf
 ${CMD_PREFIX} ostree --repo=repo2 checkout -U test2 test2-checkout
 assert_file_has_content test2-checkout/baz/cow moo
 assert_has_dir repo2/uncompressed-objects-cache
+ls repo2/uncompressed-objects-cache > ls.txt
+if ! test -s ls.txt; then
+    assert_not_reached "repo didn't cache uncompressed objects"
+fi
+# we're in archive mode, but the repo we pull-local from might be
+# bare-user-only, in which case, we skip these checks since bare-user-only
+# doesn't store permission bits
+if ! is_bare_user_only_repo repo; then
+    assert_file_has_mode test2-checkout/baz/cowro 600
+    assert_file_has_mode test2-checkout/baz/deeper/ohyeahx 755
+fi
 echo "ok disable cache checkout"
 
 cd ${test_tmpdir}
diff --git a/tests/libtest-core.sh b/tests/libtest-core.sh
index d1d3bbdf..de850544 100644
--- a/tests/libtest-core.sh
+++ b/tests/libtest-core.sh
@@ -1,4 +1,8 @@
-# Core source library for shell script tests
+# Core source library for shell script tests; this
+# file is intended to be the canonical source, which at
+# is copied at least into:
+#
+# - https://github.com/projectatomic/rpm-ostree
 #
 # Copyright (C) 2017 Colin Walters 
 #
@@ -36,6 +40,7 @@ fi
 
 # This should really be the default IMO
 export G_DEBUG=fatal-warnings
+
 assert_streq () {
     test "$1" = "$2" || fatal "$1 != $2"
 }
@@ -58,18 +63,29 @@ assert_has_dir () {
     test -d "$1" || fatal "Couldn't find '$1'"
 }
 
+# Dump ls -al + file contents to stderr, then fatal()
+_fatal_print_file() {
+    file="$1"
+    shift
+    ls -al "$file" >&2
+    sed -e 's/^/# /' < "$file" >&2
+    fatal "$@"
+}
+
 assert_not_has_file () {
     if test -f "$1"; then
-        sed -e 's/^/# /' < "$1" >&2
-        fatal "File '$1' exists"
+        _fatal_print_file "$1" "File '$1' exists"
     fi
 }
 
 assert_not_file_has_content () {
-    if grep -q -e "$2" "$1"; then
-        sed -e 's/^/# /' < "$1" >&2
-        fatal "File '$1' incorrectly matches regexp '$2'"
-    fi
+    fpath=$1
+    shift
+    for re in "$@"; do
+        if grep -q -e "$re" "$fpath"; then
+            _fatal_print_file "$fpath" "File '$fpath' matches regexp '$re'"
+        fi
+    done
 }
 
 assert_not_has_dir () {
@@ -79,35 +95,40 @@ assert_not_has_dir () {
 }
 
 assert_file_has_content () {
-    if ! grep -q -e "$2" "$1"; then
-        sed -e 's/^/# /' < "$1" >&2
-        fatal "File '$1' doesn't match regexp '$2'"
-    fi
+    fpath=$1
+    shift
+    for re in "$@"; do
+        if ! grep -q -e "$re" "$fpath"; then
+            _fatal_print_file "$fpath" "File '$fpath' doesn't match regexp '$re'"
+        fi
+    done
 }
 
 assert_file_has_content_literal () {
     if ! grep -q -F -e "$2" "$1"; then
-        sed -e 's/^/# /' < "$1" >&2
-        fatal "File '$1' doesn't match fixed string list '$2'"
+        _fatal_print_file "$1" "File '$1' doesn't match fixed string list '$2'"
+    fi
+}
+
+assert_file_has_mode () {
+    mode=$(stat -c '%a' $1)
+    if [ "$mode" != "$2" ]; then
+        fatal "File '$1' has wrong mode: expected $2, but got $mode"
     fi
 }
 
 assert_symlink_has_content () {
     if ! test -L "$1"; then
-        echo 1>&2 "File '$1' is not a symbolic link"
-        exit 1
+        fatal "File '$1' is not a symbolic link"
     fi
     if ! readlink "$1" | grep -q -e "$2"; then
-        sed -e 's/^/# /' < "$1" >&2
-        echo 1>&2 "Symbolic link '$1' doesn't match regexp '$2'"
-        exit 1
+        _fatal_print_file "$1" "Symbolic link '$1' doesn't match regexp '$2'"
     fi
 }
 
 assert_file_empty() {
     if test -s "$1"; then
-        sed -e 's/^/# /' < "$1" >&2
-        fatal "File '$1' is not empty"
+        _fatal_print_file "$1" "File '$1' is not empty"
     fi
 }
 
diff --git a/tests/libtest.sh b/tests/libtest.sh
index 3ce718f9..15802dfd 100755
--- a/tests/libtest.sh
+++ b/tests/libtest.sh
@@ -116,10 +116,16 @@ else
     fi
 fi
 
+files_are_hardlinked() {
+    f1=$(stat -c %i $1)
+    f2=$(stat -c %i $2)
+    [ "$f1" == "$f2" ]
+}
+
 assert_files_hardlinked() {
     f1=$(stat -c %i $1)
     f2=$(stat -c %i $2)
-    if [ "$f1" != "$f2" ]; then
+    if ! files_are_hardlinked "$f1" "$f2"; then
         fatal "Files '$1' and '$2' are not hardlinked"
     fi
 }
@@ -157,9 +163,13 @@ setup_test_repository () {
 
     mkdir baz
     echo moo > baz/cow
+    echo mooro > baz/cowro
+    chmod 600 baz/cowro
     echo alien > baz/saucer
     mkdir baz/deeper
     echo hi > baz/deeper/ohyeah
+    echo hix > baz/deeper/ohyeahx
+    chmod 755 baz/deeper/ohyeahx
     ln -s nonexistent baz/alink
     mkdir baz/another/
     echo x > baz/another/y
@@ -446,6 +456,7 @@ os_repository_new_commit ()
 {
     boot_checksum_iteration=${1:-0}
     content_iteration=${2:-0}
+    branch=${3:-testos/buildmaster/x86_64-runtime}
     echo "BOOT ITERATION: $boot_checksum_iteration"
     cd ${test_tmpdir}/osdata
     rm boot/*
@@ -464,7 +475,7 @@ os_repository_new_commit ()
 
     version=$(date "+%Y%m%d.${content_iteration}")
 
-    ${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit  --add-metadata-string "version=${version}" -b testos/buildmaster/x86_64-runtime -s "Build"
+    ${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit  --add-metadata-string "version=${version}" -b $branch -s "Build"
     cd ${test_tmpdir}
 }
 
@@ -494,3 +505,35 @@ has_gpgme () {
 libtest_cleanup_gpg () {
     gpg-connect-agent --homedir ${test_tmpdir}/gpghome killagent /bye || true
 }
+
+is_bare_user_only_repo () {
+  grep -q 'mode=bare-user-only' $1/config
+}
+
+# Given a path to a file in a repo for a ref, print its checksum
+ostree_file_path_to_checksum() {
+    repo=$1
+    ref=$2
+    path=$3
+    $CMD_PREFIX ostree --repo=$repo ls -C $ref $path | awk '{ print $5 }'
+}
+
+# Given a path to a file in a repo for a ref, print the (relative) path to its
+# object
+ostree_file_path_to_relative_object_path() {
+    repo=$1
+    ref=$2
+    path=$3
+    checksum=$(ostree_file_path_to_checksum $repo $ref $path)
+    test -n "${checksum}"
+    echo objects/${checksum:0:2}/${checksum:2}.file
+}
+
+# Given a path to a file in a repo for a ref, print the path to its object
+ostree_file_path_to_object_path() {
+    repo=$1
+    ref=$2
+    path=$3
+    relpath=$(ostree_file_path_to_relative_object_path $repo $ref $path)
+    echo ${repo}/${relpath}
+}
diff --git a/tests/pull-test.sh b/tests/pull-test.sh
index f81d8023..24eb16a0 100644
--- a/tests/pull-test.sh
+++ b/tests/pull-test.sh
@@ -24,7 +24,7 @@ function repo_init() {
     rm repo -rf
     mkdir repo
     ostree_repo_init repo
-    ${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin $(cat httpd-address)/ostree/gnomerepo
+    ${CMD_PREFIX} ostree --repo=repo remote add origin $(cat httpd-address)/ostree/gnomerepo "$@"
 }
 
 function verify_initial_contents() {
@@ -35,10 +35,10 @@ function verify_initial_contents() {
     assert_file_has_content baz/cow '^moo$'
 }
 
-echo "1..16"
+echo "1..25"
 
 # Try both syntaxes
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main
 ${CMD_PREFIX} ostree --repo=repo pull origin:main
 ${CMD_PREFIX} ostree --repo=repo fsck
@@ -57,6 +57,33 @@ ${CMD_PREFIX} ostree --repo=mirrorrepo fsck
 $OSTREE show main >/dev/null
 echo "ok pull mirror"
 
+mkdir otherbranch
+echo someothercontent > otherbranch/someothercontent
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b otherbranch --tree=dir=otherbranch
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+rm mirrorrepo -rf
+# All refs
+ostree_repo_init mirrorrepo --mode=archive-z2
+${CMD_PREFIX} ostree --repo=mirrorrepo remote add --set=gpg-verify=false origin $(cat httpd-address)/ostree/gnomerepo
+${CMD_PREFIX} ostree --repo=mirrorrepo pull --mirror origin
+${CMD_PREFIX} ostree --repo=mirrorrepo fsck
+for ref in main otherbranch; do
+    ${CMD_PREFIX} ostree --repo=mirrorrepo rev-parse $ref
+done
+echo "ok pull mirror (all refs)"
+
+rm mirrorrepo -rf
+ostree_repo_init mirrorrepo --mode=archive-z2
+${CMD_PREFIX} ostree --repo=mirrorrepo remote add --set=gpg-verify=false origin $(cat httpd-address)/ostree/gnomerepo
+# Generate a summary in the mirror
+${CMD_PREFIX} ostree --repo=mirrorrepo summary -u
+summarysig=$(sha256sum < mirrorrepo/summary | cut -f 1 -d ' ')
+# Mirror subset of refs: https://github.com/ostreedev/ostree/issues/846
+${CMD_PREFIX} ostree --repo=mirrorrepo pull --mirror origin main
+newsummarysig=$(sha256sum < mirrorrepo/summary | cut -f 1 -d ' ')
+assert_streq ${summarysig} ${newsummarysig}
+echo "ok pull mirror (ref subset with summary)"
+
 cd ${test_tmpdir}
 rm checkout-origin-main -rf
 $OSTREE --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
@@ -79,6 +106,35 @@ ${CMD_PREFIX} ostree --repo=mirrorrepo pull origin main
 ${CMD_PREFIX} ostree --repo=mirrorrepo fsck
 echo "ok pull (refuses deltas)"
 
+cd ${test_tmpdir}
+rm mirrorrepo/refs/remotes/* -rf
+${CMD_PREFIX} ostree --repo=mirrorrepo prune --refs-only
+${CMD_PREFIX} ostree --repo=mirrorrepo pull --bareuseronly-files origin main
+echo "ok pull (bareuseronly, safe)"
+
+rm checkout-origin-main -rf
+$OSTREE --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
+cat > statoverride.txt < checkout-origin-main/some-setuid
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=checkout-origin-main
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+# Verify we reject it both when unpacking and when mirroring
+for flag in "" "--mirror"; do
+    if ${CMD_PREFIX} ostree --repo=mirrorrepo pull ${flag} --bareuseronly-files origin content-with-suid 2>err.txt; then
+        assert_not_reached "pulled unsafe bareuseronly"
+    fi
+    assert_file_has_content err.txt 'object.*\.file: invalid mode.*with bits 040.*'
+done
+echo "ok pull (bareuseronly, unsafe)"
+
+cd ${test_tmpdir}
+rm mirrorrepo/refs/remotes/* -rf
+${CMD_PREFIX} ostree --repo=mirrorrepo prune --refs-only
+${CMD_PREFIX} ostree --repo=mirrorrepo pull --mirror --bareuseronly-files origin main
+echo "ok pull (bareuseronly mirror)"
+
 cd ${test_tmpdir}
 rm mirrorrepo/refs/remotes/* -rf
 ${CMD_PREFIX} ostree --repo=mirrorrepo prune --refs-only
@@ -128,7 +184,7 @@ assert_file_has_content main.txt ${rev}
 echo "ok pull specific commit"
 
 cd ${test_tmpdir}
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main
 ${CMD_PREFIX} ostree --repo=repo fsck
 # Generate a delta from old to current, even though we aren't going to
@@ -153,7 +209,7 @@ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
 # Explicitly test delta fetches via ref name as well as commit hash
 for delta_target in main ${new_rev}; do
 cd ${test_tmpdir}
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main@${prev_rev}
 ${CMD_PREFIX} ostree --repo=repo pull --dry-run --require-static-deltas origin ${delta_target} >dry-run-pull.txt
 # Compression can vary, so we support 400-699
@@ -166,7 +222,7 @@ done
 # Explicitly test delta fetches via ref name as well as commit hash
 for delta_target in main ${new_rev}; do
 cd ${test_tmpdir}
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main@${prev_rev}
 ${CMD_PREFIX} ostree --repo=repo pull --require-static-deltas origin ${delta_target}
 if test ${delta_target} = main; then
@@ -179,7 +235,7 @@ ${CMD_PREFIX} ostree --repo=repo fsck
 done
 
 cd ${test_tmpdir}
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main@${prev_rev}
 ${CMD_PREFIX} ostree --repo=repo pull --disable-static-deltas origin main
 ${CMD_PREFIX} ostree --repo=repo fsck
@@ -197,7 +253,7 @@ cd ${test_tmpdir}
 ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo static-delta generate --swap-endianness main
 ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
 
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main@${prev_rev}
 ${CMD_PREFIX} ostree --repo=repo pull --require-static-deltas --dry-run origin main >byteswapped-dry-run-pull.txt
 ${CMD_PREFIX} ostree --repo=repo fsck
@@ -211,7 +267,7 @@ echo "ok pull byteswapped delta"
 cd ${test_tmpdir}
 rm ostree-srv/gnomerepo/deltas -rf
 ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
-repo_init
+repo_init --no-gpg-verify
 if ${CMD_PREFIX} ostree --repo=repo pull --require-static-deltas origin main 2>err.txt; then
     assert_not_reached "--require-static-deltas unexpectedly succeeded"
 fi
@@ -219,7 +275,7 @@ assert_file_has_content err.txt "deltas required, but none found"
 ${CMD_PREFIX} ostree --repo=repo fsck
 
 # Now test with a partial commit
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull --commit-metadata-only origin main@${prev_rev}
 if ${CMD_PREFIX} ostree --repo=repo pull --require-static-deltas origin main 2>err.txt; then
     assert_not_reached "--require-static-deltas unexpectedly succeeded"
@@ -227,7 +283,7 @@ fi
 assert_file_has_content err.txt "deltas required, but none found"
 echo "ok delta required but don't exist"
 
-repo_init
+repo_init --no-gpg-verify
 ${CMD_PREFIX} ostree --repo=repo pull origin main@${prev_rev}
 if ${CMD_PREFIX} ostree --repo=repo pull --require-static-deltas origin ${new_rev} 2>err.txt; then
     assert_not_reached "--require-static-deltas unexpectedly succeeded"
@@ -294,3 +350,44 @@ fi
 assert_file_has_content err.txt "ONE BILLION DOLLARS"
 
 echo "ok unconfigured"
+
+cd ${test_tmpdir}
+repo_init
+${CMD_PREFIX} ostree --repo=repo remote add origin-bad $(cat httpd-address)/ostree/noent
+if ${CMD_PREFIX} ostree --repo=repo --depth=0 pull origin-bad main 2>err.txt; then
+    assert_not_reached "pull repo 404 succeeded?"
+fi
+assert_file_has_content err.txt "404"
+echo "ok pull repo 404"
+
+cd ${test_tmpdir}
+repo_init --set=gpg-verify=true
+if ${CMD_PREFIX} ostree --repo=repo --depth=0 pull origin main 2>err.txt; then
+    assert_not_reached "pull repo 404 succeeded?"
+fi
+assert_file_has_content err.txt "GPG verification enabled, but no signatures found"
+echo "ok pull repo 404 (gpg)"
+
+cd ${test_tmpdir}
+repo_init --set=gpg-verify=true
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit \
+  --gpg-homedir=${TEST_GPG_KEYHOME} --gpg-sign=${TEST_GPG_KEYID_1} -b main \
+  -s "A signed commit" --tree=ref=main
+${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+# make sure gpg verification is correctly on
+csum=$(${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo rev-parse main)
+objpath=objects/${csum::2}/${csum:2}.commitmeta
+remotesig=ostree-srv/gnomerepo/$objpath
+localsig=repo/$objpath
+mv $remotesig $remotesig.bak
+if ${CMD_PREFIX} ostree --repo=repo --depth=0 pull origin main; then
+    assert_not_reached "pull with gpg-verify unexpectedly succeeded?"
+fi
+# ok now check that we can pull correctly
+mv $remotesig.bak $remotesig
+${CMD_PREFIX} ostree --repo=repo pull origin main
+echo "ok pull signed commit"
+rm $localsig
+${CMD_PREFIX} ostree --repo=repo pull origin main
+test -f $localsig
+echo "ok re-pull signature for stored commit"
diff --git a/tests/test-admin-upgrade-endoflife.sh b/tests/test-admin-upgrade-endoflife.sh
new file mode 100755
index 00000000..a58c64ce
--- /dev/null
+++ b/tests/test-admin-upgrade-endoflife.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+#
+# Copyright (C) 2014 Colin Walters 
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+set -euo pipefail
+
+. $(dirname $0)/libtest.sh
+
+# Exports OSTREE_SYSROOT so --sysroot not needed.
+setup_os_repository "archive-z2" "syslinux"
+# This does:
+# - init ostree repo in testos-repo
+# - create system files in osdata and commit twice those contents into testos-repo
+# - copy osdata to osdata-devel and make another change then commit
+# - create sysroot with init-fs and os-init and syslinux
+# sysroot has /ostree basics (but no contents), syslinux cfg and empty root dirs
+
+echo "1..3"
+
+cd ${test_tmpdir}
+${CMD_PREFIX} ostree --repo=sysroot/ostree/repo remote add --set=gpg-verify=false testos $(cat httpd-address)/ostree/testos-repo
+${CMD_PREFIX} ostree --repo=sysroot/ostree/repo pull testos testos/buildmaster/x86_64-runtime
+rev=$(${CMD_PREFIX} ostree --repo=sysroot/ostree/repo rev-parse testos/buildmaster/x86_64-runtime)
+echo "rev=${rev}"
+
+# Now sysroot/ostree has the objects from the testos-repo (obtained over http
+# and kept in remote "testos"), but there is no deployment
+
+# This initial deployment gets kicked off with some kernel arguments
+${CMD_PREFIX} ostree admin deploy --karg=root=LABEL=MOO --karg=quiet --os=testos testos:testos/buildmaster/x86_64-runtime
+assert_has_dir sysroot/boot/ostree/testos-${bootcsum}
+
+echo "ok deploy"
+
+# Create a new branch which we want to migrate to
+os_repository_new_commit 1 1 testos/buildmaster/newbranch
+# bootcsum now refers to this new commit
+
+# Create a new commit with an empty tree, which marks the original branch as
+# EOL, redirecting to the new one.
+mkdir empty
+${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo commit --tree=dir=$(pwd)/empty  --add-metadata-string "ostree.endoflife=Product discontinued" --add-metadata-string "ostree.endoflife-rebase=testos/buildmaster/newbranch" -b testos/buildmaster/x86_64-runtime -s "EOL redirect to new branch"
+
+echo "ok new branch"
+
+# Upgrade existing checkout
+${CMD_PREFIX} ostree admin upgrade --os=testos --pull-only
+${CMD_PREFIX} ostree admin upgrade --os=testos --deploy-only
+
+# Check we got redirected to the new branch
+assert_file_has_content sysroot/boot/loader/entries/ostree-testos-0.conf "${bootcsum}"
+rev=$(${CMD_PREFIX} ostree --repo=${test_tmpdir}/testos-repo rev-parse testos/buildmaster/newbranch)
+assert_file_has_content sysroot/ostree/deploy/testos/deploy/${rev}.0/usr/bin/content-iteration "1"
+
+assert_file_has_content sysroot/ostree/deploy/testos/deploy/${rev}.0.origin "newbranch"
+
+echo "ok update and redirect"
diff --git a/tests/test-basic-c.c b/tests/test-basic-c.c
index 8e7882b9..dbab087e 100644
--- a/tests/test-basic-c.c
+++ b/tests/test-basic-c.c
@@ -170,6 +170,54 @@ test_raw_file_to_archive_z2_stream (gconstpointer data)
   g_assert_cmpint (checks, >, 0);
 }
 
+static gboolean hi_content_stream_new (GInputStream **out_stream,
+                                       guint64       *out_length,
+                                       GError **error)
+{
+  static const char hi[] = "hi";
+  g_autoptr(GMemoryInputStream) hi_memstream = (GMemoryInputStream*)g_memory_input_stream_new_from_data (hi, sizeof(hi)-1, NULL);
+  g_autoptr(GFileInfo) finfo = g_file_info_new ();
+  g_file_info_set_attribute_uint32 (finfo, "standard::type", G_FILE_TYPE_REGULAR);
+  g_file_info_set_attribute_boolean (finfo, "standard::is-symlink", FALSE);
+  g_file_info_set_attribute_uint32 (finfo, "unix::uid", 0);
+  g_file_info_set_attribute_uint32 (finfo, "unix::gid", 0);
+  g_file_info_set_attribute_uint32 (finfo, "unix::mode", S_IFREG|0644);
+  return ostree_raw_file_to_content_stream ((GInputStream*)hi_memstream, finfo, NULL, out_stream, out_length, NULL, error);
+}
+
+static void
+test_object_writes (gconstpointer data)
+{
+  OstreeRepo *repo = OSTREE_REPO (data);
+  g_autoptr(GError) error = NULL;
+
+  static const char hi_sha256[] = "2301b5923720c3edc1f0467addb5c287fd5559e3e0cd1396e7f1edb6b01be9f0";
+
+  /* Successful content write */
+  { g_autoptr(GInputStream) hi_memstream = NULL;
+    guint64 len;
+    hi_content_stream_new (&hi_memstream, &len, &error);
+    g_assert_no_error (error);
+    g_autofree guchar *csum = NULL;
+    (void)ostree_repo_write_content (repo, hi_sha256, hi_memstream, len, &csum,
+                                     NULL, &error);
+    g_assert_no_error (error);
+  }
+
+  /* Invalid content write */
+  { g_autoptr(GInputStream) hi_memstream = NULL;
+    guint64 len;
+    hi_content_stream_new (&hi_memstream, &len, &error);
+    g_assert_no_error (error);
+    g_autofree guchar *csum = NULL;
+    static const char invalid_hi_sha256[] = "cafebabecafebabecafebabecafebabecafebabecafebabecafebabecafebabe";
+    g_assert (!ostree_repo_write_content (repo, invalid_hi_sha256, hi_memstream, len, &csum,
+                                          NULL, &error));
+    g_assert (error);
+    g_assert (strstr (error->message, "Corrupted file object"));
+  }
+}
+
 int main (int argc, char **argv)
 {
   g_autoptr(GError) error = NULL;
@@ -180,9 +228,10 @@ int main (int argc, char **argv)
   repo = ot_test_setup_repo (NULL, &error); 
   if (!repo)
     goto out;
-  
+
   g_test_add_data_func ("/repo-not-system", repo, test_repo_is_not_system);
   g_test_add_data_func ("/raw-file-to-archive-z2-stream", repo, test_raw_file_to_archive_z2_stream);
+  g_test_add_data_func ("/objectwrites", repo, test_object_writes);
 
   return g_test_run();
  out:
diff --git a/tests/test-basic-user-only.sh b/tests/test-basic-user-only.sh
index a3e63aac..fb071fe4 100755
--- a/tests/test-basic-user-only.sh
+++ b/tests/test-basic-user-only.sh
@@ -22,4 +22,71 @@ set -euo pipefail
 . $(dirname $0)/libtest.sh
 
 setup_test_repository "bare-user-only"
+extra_basic_tests=4
 . $(dirname $0)/basic-test.sh
+
+# Reset things so we don't inherit a lot of state from earlier tests
+cd ${test_tmpdir}
+rm repo files -rf
+ostree_repo_init repo init --mode=bare-user-only
+
+# Init an archive repo where we'll store content that can't go into bare-user
+cd ${test_tmpdir}
+rm repo-input -rf
+ostree_repo_init repo-input init --mode=archive
+cd ${test_tmpdir}
+cat > statoverride.txt < files/some-setuid
+chmod 0644 files/some-setuid
+$CMD_PREFIX ostree --repo=repo-input commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=files
+if $CMD_PREFIX ostree pull-local --repo=repo repo-input 2>err.txt; then
+    assert_not_reached "copying suid file into bare-user worked?"
+fi
+assert_file_has_content err.txt "Invalid mode.*with bits 040.*in bare-user-only"
+echo "ok failed to commit suid"
+
+cd ${test_tmpdir}
+rm repo-input -rf
+ostree_repo_init repo-input init --mode=archive
+rm files -rf && mkdir files
+echo "a group writable file" > files/some-group-writable
+chmod 0664 files/some-group-writable
+$CMD_PREFIX ostree --repo=repo-input commit -b content-with-group-writable --tree=dir=files
+$CMD_PREFIX ostree pull-local --repo=repo repo-input
+$CMD_PREFIX ostree --repo=repo checkout -U -H content-with-group-writable groupwritable-co
+assert_file_has_mode groupwritable-co/some-group-writable 664
+echo "ok supported group writable"
+
+cd ${test_tmpdir}
+rm repo-input -rf
+ostree_repo_init repo-input init --mode=archive
+rm files -rf && mkdir files
+mkdir files/worldwritable-dir
+chmod a+w files/worldwritable-dir
+$CMD_PREFIX ostree --repo=repo-input commit -b content-with-dir-world-writable --tree=dir=files
+$CMD_PREFIX ostree pull-local --repo=repo repo-input
+$CMD_PREFIX ostree --repo=repo checkout -U -H content-with-dir-world-writable dir-co
+assert_file_has_mode dir-co/worldwritable-dir 775
+echo "ok didn't make world-writable dir"
+
+cd ${test_tmpdir}
+rm repo-input -rf
+rm repo -rf
+ostree_repo_init repo init --mode=bare-user-only
+ostree_repo_init repo-input init --mode=bare-user
+rm files -rf && mkdir files
+echo afile > files/afile
+ln -s afile files/afile-link
+$CMD_PREFIX ostree --repo=repo-input commit --canonical-permissions -b testtree --tree=dir=files
+afile_relobjpath=$(ostree_file_path_to_relative_object_path repo-input testtree /afile)
+afile_link_relobjpath=$(ostree_file_path_to_relative_object_path repo-input testtree /afile-link)
+$CMD_PREFIX ostree pull-local --repo=repo repo-input
+assert_files_hardlinked repo/${afile_relobjpath} repo-input/${afile_relobjpath}
+if files_are_hardlinked repo/${afile_link_relobjpath} repo-input/${afile_link_relobjpath}; then
+    assert_not_reached "symlinks hardlinked across bare-user?"
+fi
+$OSTREE fsck -q
+echo "ok hardlink pull from bare-user"
diff --git a/tests/test-basic-user.sh b/tests/test-basic-user.sh
index 3e11545e..fa802df6 100755
--- a/tests/test-basic-user.sh
+++ b/tests/test-basic-user.sh
@@ -25,4 +25,42 @@ skip_without_user_xattrs
 
 setup_test_repository "bare-user"
 
+extra_basic_tests=3
 . $(dirname $0)/basic-test.sh
+
+# Reset things so we don't inherit a lot of state from earlier tests
+rm repo files -rf
+setup_test_repository "bare-user"
+
+cd ${test_tmpdir}
+objpath_nonexec=$(ostree_file_path_to_object_path repo test2 baz/cow)
+# Sigh, umask
+touch testfile
+default_mode=$(stat -c '%a' testfile)
+rm testfile
+assert_file_has_mode ${objpath_nonexec} ${default_mode}
+objpath_ro=$(ostree_file_path_to_object_path repo test2 baz/cowro)
+assert_file_has_mode ${objpath_ro} 600
+objpath_exec=$(ostree_file_path_to_object_path repo test2 baz/deeper/ohyeahx)
+assert_file_has_mode ${objpath_exec} 755
+echo "ok bare-user committed modes"
+
+rm test2-checkout -rf
+$OSTREE checkout -U -H test2 test2-checkout
+cd test2-checkout
+assert_file_has_mode baz/cow ${default_mode}
+assert_file_has_mode baz/cowro 600
+assert_file_has_mode baz/deeper/ohyeahx 755
+echo "ok bare-user checkout modes"
+
+rm test2-checkout -rf
+$OSTREE checkout -U -H test2 test2-checkout
+touch test2-checkout/unwritable
+chmod 0400 test2-checkout/unwritable
+$OSTREE commit -b test2-unwritable --tree=dir=test2-checkout
+chmod 0600 test2-checkout/unwritable
+rm test2-checkout -rf
+$OSTREE checkout -U -H test2-unwritable test2-checkout
+cd test2-checkout
+assert_file_has_mode unwritable 400
+echo "ok bare-user unwritable"
diff --git a/tests/test-remote-headers.sh b/tests/test-remote-headers.sh
index 6902cefb..39fbe352 100755
--- a/tests/test-remote-headers.sh
+++ b/tests/test-remote-headers.sh
@@ -44,9 +44,9 @@ ${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin $(cat
 # Sanity check the setup, without headers the pull should fail
 assert_fail ${CMD_PREFIX} ostree --repo=repo pull origin main
 
-echo "ok, setup done"
+echo "ok setup done"
 
 # Now pull should succeed now
 ${CMD_PREFIX} ostree --repo=repo pull --http-header foo=bar --http-header baz=badger origin main
 
-echo "ok, pull succeeded"
+echo "ok pull succeeded"
diff --git a/tests/test-summary-view.sh b/tests/test-summary-view.sh
index 6dcfd088..60855eb1 100755
--- a/tests/test-summary-view.sh
+++ b/tests/test-summary-view.sh
@@ -51,7 +51,7 @@ ${OSTREE} summary --view > summary.txt
 assert_file_has_content_literal summary.txt "* main"
 assert_file_has_content_literal summary.txt "* other"
 assert_file_has_content_literal summary.txt "ostree.summary.last-modified"
-assert_file_has_content_literal summary.txt "Static Deltas (ostree.static-deltas): {}"
+assert_file_has_content_literal summary.txt "Timestamp (ostree.commit.timestamp): "
 echo "ok view summary"
 
 # Check the summary can be viewed raw too.
diff --git a/tests/test-symbols.sh b/tests/test-symbols.sh
index 3ee018b0..d22231d0 100755
--- a/tests/test-symbols.sh
+++ b/tests/test-symbols.sh
@@ -17,10 +17,12 @@
 # Free Software Foundation, Inc., 59 Temple Place - Suite 330,
 # Boston, MA 02111-1307, USA.
 
-set -euo pipefail
+set -xeuo pipefail
 
-echo '1..2'
+echo '1..3'
 
+released_syms=${G_TEST_SRCDIR}/src/libostree/libostree-released.sym
+devel_syms=${G_TEST_SRCDIR}/src/libostree/libostree-devel.sym
 if echo "$OSTREE_FEATURES" | grep --quiet --no-messages "experimental"; then
   experimental_sym="${G_TEST_SRCDIR}/src/libostree/libostree-experimental.sym"
   experimental_sections="${G_TEST_SRCDIR}/apidoc/ostree-experimental-sections.txt"
@@ -30,7 +32,7 @@ else
 fi
 
 echo "Verifying all expected symbols are actually exported..."
-grep --no-filename ' ostree_[A-Za-z0-9_]*;' ${G_TEST_SRCDIR}/src/libostree/libostree.sym $experimental_sym | sed -e 's,^ *\([A-Za-z0-9_]*\);,\1,' | sort -u > expected-symbols.txt
+grep --no-filename ' ostree_[A-Za-z0-9_]*;' ${released_syms} ${devel_syms} ${experimental_sym} | sed -e 's,^ *\([A-Za-z0-9_]*\);,\1,' | sort -u > expected-symbols.txt
 eu-readelf -a ${G_TEST_BUILDDIR}/.libs/libostree-1.so | grep 'FUNC.*GLOBAL.*DEFAULT.*@@LIBOSTREE_' | sed -e 's,^.* \(ostree_[A-Za-z0-9_]*\)@@LIBOSTREE_[0-9A-Z_.]*,\1,' |sort -u > found-symbols.txt
 diff -u expected-symbols.txt found-symbols.txt
 echo "ok exports"
@@ -39,7 +41,15 @@ echo "ok exports"
 grep -E -v '(ostree_cmd__private__)|(ostree_fetcher_config_flags_get_type)' found-symbols.txt > expected-documented.txt
 
 echo "Verifying all public symbols are documented:"
-grep '^ostree_' ${G_TEST_SRCDIR}/apidoc/ostree-sections.txt $experimental_sections |sort -u > found-documented.txt
+grep --no-filename '^ostree_' ${G_TEST_SRCDIR}/apidoc/ostree-sections.txt $experimental_sections |sort -u > found-documented.txt
 diff -u expected-documented.txt found-documented.txt
 
 echo 'ok documented symbols'
+
+# ONLY update this checksum in release commits!
+cat > released-sha256.txt <