lib/deploy: Have internal origin writing API take sepolicy

Ensures it's labeled consistently. Prep for staged deployments which reworks the
logic around when the origin file is written.

Closes: #1505
Approved by: jlebon
Colin Walters 2018-03-19 12:10:31 -04:00 committed by Atomic Bot
parent ce2449ad2e
commit 9ca3f76cd2
1 changed files with 28 additions and 25 deletions


@ -837,6 +837,7 @@ merge_configuration (OstreeSysroot *sysroot,
*/ */
static gboolean static gboolean
write_origin_file_internal (OstreeSysroot *sysroot, write_origin_file_internal (OstreeSysroot *sysroot,
OstreeSePolicy *sepolicy,
OstreeDeployment *deployment, OstreeDeployment *deployment,
GKeyFile *new_origin, GKeyFile *new_origin,
GLnxFileReplaceFlags flags, GLnxFileReplaceFlags flags,
@ -849,16 +850,21 @@ write_origin_file_internal (OstreeSysroot *sysroot,
if (origin) if (origin)
{ {
g_autofree char *origin_path = NULL; g_auto(OstreeSepolicyFsCreatecon) con = { 0, };
g_autofree char *contents = NULL; if (!_ostree_sepolicy_preparefscreatecon (&con, sepolicy,
"/etc/ostree/remotes.d/dummy.conf",
0644, error))
return FALSE;
g_autofree char *origin_path =
g_strdup_printf ("ostree/deploy/%s/deploy/%s.%d.origin",
ostree_deployment_get_osname (deployment),
ostree_deployment_get_csum (deployment),
ostree_deployment_get_deployserial (deployment));
gsize len; gsize len;
g_autofree char *contents = g_key_file_to_data (origin, &len, error);
origin_path = g_strdup_printf ("ostree/deploy/%s/deploy/%s.%d.origin",
ostree_deployment_get_osname (deployment),
ostree_deployment_get_csum (deployment),
ostree_deployment_get_deployserial (deployment));
contents = g_key_file_to_data (origin, &len, error);
if (!contents) if (!contents)
return FALSE; return FALSE;
@ -891,7 +897,12 @@ ostree_sysroot_write_origin_file (OstreeSysroot *sysroot,
GCancellable *cancellable, GCancellable *cancellable,
GError **error) GError **error)
{ {
if (!write_origin_file_internal (sysroot, deployment, new_origin, g_autoptr(GFile) rootfs = g_file_new_for_path ("/");
g_autoptr(OstreeSePolicy) sepolicy = ostree_sepolicy_new (rootfs, cancellable, error);
if (!sepolicy)
return FALSE;
if (!write_origin_file_internal (sysroot, sepolicy, deployment, new_origin,
GLNX_FILE_REPLACE_DATASYNC_NEW, GLNX_FILE_REPLACE_DATASYNC_NEW,
cancellable, error)) cancellable, error))
return FALSE; return FALSE;
@ -2444,21 +2455,13 @@ ostree_sysroot_deploy_tree (OstreeSysroot *self,
return FALSE; return FALSE;
} }
{ g_auto(OstreeSepolicyFsCreatecon) con = { 0, }; /* Don't fsync here, as we assume that's all done in
* ostree_sysroot_write_deployments().
if (!_ostree_sepolicy_preparefscreatecon (&con, sepolicy, */
"/etc/ostree/remotes.d/dummy.conf", if (!write_origin_file_internal (self, sepolicy, new_deployment, NULL,
0644, error)) GLNX_FILE_REPLACE_NODATASYNC,
return FALSE; cancellable, error))
return FALSE;
/* Don't fsync here, as we assume that's all done in
* ostree_sysroot_write_deployments().
*/
if (!write_origin_file_internal (self, new_deployment, NULL,
GLNX_FILE_REPLACE_NODATASYNC,
cancellable, error))
return FALSE;
}
/* After this, install_deployment_kernel() will set the other boot /* After this, install_deployment_kernel() will set the other boot
* options and write it out to disk. * options and write it out to disk.
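Review bot: In ostree_sysroot_write_origin_file the policy is always loaded from the host root (`g_file_new_for_path ("/")`), regardless of which `sysroot` or `deployment` the caller passed, so an origin file written for a non-booted sysroot, or for a deployment carrying a different policy, would presumably get the host's label rather than the target's. ostree_sysroot_deploy_tree passes a `sepolicy` obtained outside this hunk; if that one comes from the new deployment's root, the two callers can still label the same file differently, which is what the change sets out to prevent. If the host policy is intended, say so at the call site, e.g. `/* Label from the host policy; assumes sysroot is the booted root */`; otherwise load the policy from the deployment's root. The new `if (!sepolicy) return FALSE;` also turns a policy-load failure into a failure of this public API, which is worth a line in its doc comment. Both function bodies continue outside the hunks shown.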