OSTree API references |
|---|
for OSTree 2019.6
for OSTree 2019.7
gboolean +ostree_commit_get_object_sizes (+GVariant *commit_variant, +GPtrArray **out_sizes_entries, +GError **error);
Reads a commit's "ostree.sizes" metadata and returns an array of
+OstreeCommitSizesEntry in out_sizes_entries
+. Each element
+represents an object in the commit. If the commit does not contain
+the "ostree.sizes" metadata, a G_IO_ERROR_NOT_FOUND error will be
+returned.
commit_variant |
+variant of type |
+[not nullable] | +
out_sizes_entries |
+return location for an array of object size entries. |
+[out][element-type OstreeCommitSizesEntry][transfer container][optional] | +
error |
+Error |
++ |
Since: 2020.1
+OstreeCommitSizesEntry * +ostree_commit_sizes_entry_new (+const gchar *checksum, +OstreeObjectType objtype, +guint64 unpacked, +guint64 archived);
Create a new OstreeCommitSizesEntry for representing an object in a +commit's "ostree.sizes" metadata.
+checksum |
+object checksum. |
+[not nullable] | +
objtype |
+object type |
++ |
unpacked |
+unpacked object size |
++ |
archived |
+compressed object size |
++ |
Since: 2020.1
+OstreeCommitSizesEntry *
+ostree_commit_sizes_entry_copy (const OstreeCommitSizesEntry *entry);
+Create a copy of the given entry
+.
Since: 2020.1
+void
+ostree_commit_sizes_entry_free (OstreeCommitSizesEntry *entry);
+Free given entry
+.
Since: 2020.1
+gboolean ostree_check_version (guint required_year, @@ -2620,6 +2801,52 @@ stale and should be re-downloaded if possible (similar to the HTTP
key:
ostree.commit.timestamp, value:t, timestamp (seconds since the Unix epoch in UTC, big-endian) when the commit was committed
typedef struct {
+ gchar *checksum;
+ OstreeObjectType objtype;
+ guint64 unpacked;
+ guint64 archived;
+} OstreeCommitSizesEntry;
+
+Structure representing an entry in the "ostree.sizes" commit metadata. Each +entry corresponds to an object in the associated commit.
+| + | object checksum. |
+[not nullable] | +
OstreeObjectType |
+object type |
++ |
| + | unpacked object size |
++ |
| + | compressed object size |
++ |
Since: 2020.1
+void<
+ostree_sysroot_initialize ()
+gboolean
+ostree_sysroot_initialize (OstreeSysroot *self,
+ GError **error);
+Subset of ostree_sysroot_load(); performs basic initialization. Notably, one
+can invoke ostree_sysroot_get_fd()
+It is not necessary to call this function if ostree_sysroot_load() is
+invoked.
+
+Since: 2020.1
+
+
+
ostree_sysroot_get_path ()
GFile *
ostree_sysroot_get_path (OstreeSysroot *self);
@@ -737,12 +788,57 @@ may not be predictable.
+ostree_sysroot_set_mount_namespace_in_use ()
+void
+ostree_sysroot_set_mount_namespace_in_use
+ (OstreeSysroot *self);
+If this function is invoked, then libostree will assume that
+a private Linux mount namespace has been created by the process.
+The primary use case for this is to have e.g. /sysroot mounted
+read-only by default.
+If this function has been called, then when a function which requires
+writable access is invoked, libostree will automatically remount as writable
+any mount points on which it operates. This currently is just /sysroot and
+/boot.
+If you invoke this function, it must be before ostree_sysroot_load(); it may
+be invoked before or after ostree_sysroot_initialize().
+Since: 2020.1
+
+
+
+ostree_sysroot_is_booted ()
+gboolean
+ostree_sysroot_is_booted (OstreeSysroot *self);
+Can only be invoked after ostree_sysroot_initialize()
+
+
+Since: 2020.1
+
+
+
ostree_sysroot_get_fd ()
int
ostree_sysroot_get_fd (OstreeSysroot *self);
-Access a file descriptor that refers to the root directory of this
-sysroot. ostree_sysroot_load() must have been invoked prior to
-calling this function.
+Access a file descriptor that refers to the root directory of this sysroot.
+ostree_sysroot_initialize() (or ostree_sysroot_load()) must have been invoked
+prior to calling this function.
Parameters
@@ -1113,8 +1209,8 @@ flag in options
OstreeRepo *
ostree_sysroot_repo (OstreeSysroot *self);
This function is a variant of ostree_sysroot_get_repo() that cannot fail, and
-returns a cached repository. Can only be called after ostree_sysroot_load()
-has been invoked successfully.
+returns a cached repository. Can only be called after ostree_sysroot_initialize()
+or ostree_sysroot_load() has been invoked successfully.
Parameters
diff --git a/apidoc/html/ostree.devhelp2 b/apidoc/html/ostree.devhelp2
index d2d82d7a..3bb2f8ff 100644
--- a/apidoc/html/ostree.devhelp2
+++ b/apidoc/html/ostree.devhelp2
@@ -69,6 +69,10 @@
+OstreeCommitSizesEntry, struct in Core repository-independent functions
+
+
+
ostree_commit_get_content_checksum, function in Core repository-independent functions
+ostree_commit_get_object_sizes, function in Core repository-independent functions
+
+
+
ostree_commit_get_parent, function in Core repository-independent functions
@@ -322,6 +330,18 @@ ostree_collection_ref_new, function in ostree-ref
+ostree_commit_sizes_entry_copy, function in Core repository-independent functions
+
+
+
+ostree_commit_sizes_entry_free, function in Core repository-independent functions
+
+
+
+ostree_commit_sizes_entry_new, function in Core repository-independent functions
+
+
+
ostree_content_file_parse, function in Core repository-independent functions
@@ -1724,10 +1744,18 @@ ostree_repo_transaction_set_collection_ref, function in ostree-misc-experimental
+ostree_sysroot_initialize, function in Root partition mount point
+
+
+
ostree_sysroot_init_osname, function in Root partition mount point
+ostree_sysroot_is_booted, function in Root partition mount point
+
+
+
ostree_sysroot_load, function in Root partition mount point
@@ -1772,6 +1800,10 @@ ostree_repo_transaction_set_collection_ref, function in ostree-misc-experimental
+ostree_sysroot_set_mount_namespace_in_use, function in Root partition mount point
+
+
+
ostree_sysroot_simple_write_deployment, function in Root partition mount point
diff --git a/apidoc/ostree-sections.txt b/apidoc/ostree-sections.txt
index f99c4df5..32cf5228 100644
--- a/apidoc/ostree-sections.txt
+++ b/apidoc/ostree-sections.txt
@@ -151,7 +151,14 @@ ostree_validate_structureof_dirmeta
ostree_commit_get_parent
ostree_commit_get_timestamp
ostree_commit_get_content_checksum
+ostree_commit_get_object_sizes
+OstreeCommitSizesEntry
+ostree_commit_sizes_entry_new
+ostree_commit_sizes_entry_copy
+ostree_commit_sizes_entry_free
ostree_check_version
+
+ostree_commit_sizes_entry_get_type
@@ -499,6 +506,7 @@ ostree_sepolicy_get_type
OstreeSysroot
ostree_sysroot_new
ostree_sysroot_new_default
+ostree_sysroot_initialize
ostree_sysroot_get_path
ostree_sysroot_load
ostree_sysroot_load_if_changed
@@ -508,6 +516,8 @@ ostree_sysroot_lock_async
ostree_sysroot_lock_finish
ostree_sysroot_unlock
ostree_sysroot_unload
+ostree_sysroot_set_mount_namespace_in_use
+ostree_sysroot_is_booted
ostree_sysroot_get_fd
ostree_sysroot_ensure_initialized
ostree_sysroot_get_bootversion
diff --git a/apidoc/ostree.types b/apidoc/ostree.types
index c2faa1f4..aa2b9f0b 100644
--- a/apidoc/ostree.types
+++ b/apidoc/ostree.types
@@ -4,6 +4,7 @@ ostree_bootconfig_parser_get_type
ostree_chain_input_stream_get_type
ostree_checksum_input_stream_get_type
ostree_collection_ref_get_type
+ostree_commit_sizes_entry_get_type
ostree_deployment_get_type
ostree_diff_item_get_type
ostree_gpg_verify_result_get_type
diff --git a/apidoc/version.xml b/apidoc/version.xml
index a6415107..36d21d4f 100644
--- a/apidoc/version.xml
+++ b/apidoc/version.xml
@@ -1 +1 @@
-2019.6
\ No newline at end of file
+2019.7
\ No newline at end of file
diff --git a/bash/ostree b/bash/ostree
index fc429983..4aec588b 100644
--- a/bash/ostree
+++ b/bash/ostree
@@ -1445,6 +1445,7 @@ _ostree_show() {
local boolean_options="
$main_boolean_options
--print-related
+ --print-sizes
--raw
"
diff --git a/config.h.in b/config.h.in
index 1eef9ff2..ac9b3713 100644
--- a/config.h.in
+++ b/config.h.in
@@ -82,6 +82,9 @@
/* Define if we have libsystemd.pc */
#undef HAVE_LIBSYSTEMD
+/* Define to 1 if you have the header file. */
+#undef HAVE_LINUX_FSVERITY_H
+
/* Define to 1 if you have the header file. */
#undef HAVE_MEMORY_H
diff --git a/configure b/configure
index 4ae7dd2f..0544942f 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libostree 2019.6.
+# Generated by GNU Autoconf 2.69 for libostree 2020.2.
#
# Report bugs to .
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='libostree'
PACKAGE_TARNAME='libostree'
-PACKAGE_VERSION='2019.6'
-PACKAGE_STRING='libostree 2019.6'
+PACKAGE_VERSION='2020.2'
+PACKAGE_STRING='libostree 2020.2'
PACKAGE_BUGREPORT='walters@verbum.org'
PACKAGE_URL=''
@@ -654,8 +654,6 @@ BUILDOPT_SYSTEMD_FALSE
BUILDOPT_SYSTEMD_TRUE
systemdsystemgeneratordir
systemdsystemunitdir
-BUILDOPT_LIBSYSTEMD_FALSE
-BUILDOPT_LIBSYSTEMD_TRUE
LIBSYSTEMD_LIBS
LIBSYSTEMD_CFLAGS
BUILDOPT_MKINITCPIO_FALSE
@@ -1554,7 +1552,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libostree 2019.6 to adapt to many kinds of systems.
+\`configure' configures libostree 2020.2 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1624,7 +1622,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libostree 2019.6:";;
+ short | recursive ) echo "Configuration of libostree 2020.2:";;
esac
cat <<\_ACEOF
@@ -1883,7 +1881,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libostree configure 2019.6
+libostree configure 2020.2
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2355,7 +2353,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libostree $as_me 2019.6, which was
+It was created by libostree $as_me 2020.2, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3223,7 +3221,7 @@ fi
# Define the identity of the package.
PACKAGE='libostree'
- VERSION='2019.6'
+ VERSION='2020.2'
# Some tools Automake needs.
@@ -5955,11 +5953,11 @@ done
test -n "$YACC" || YACC="yacc"
-YEAR_VERSION=2019
+YEAR_VERSION=2020
-RELEASE_VERSION=6
+RELEASE_VERSION=2
-PACKAGE_VERSION=2019.6
+PACKAGE_VERSION=2020.2
if echo "$CFLAGS" | grep -q -E -e '-Werror($| )'; then :
@@ -16082,6 +16080,22 @@ LIBARCHIVE_DEPENDENCY="libarchive >= 2.8.0"
# What's in RHEL7.2.
FUSE_DEPENDENCY="fuse >= 2.9.2"
+for ac_header in linux/fsverity.h
+do :
+ ac_fn_c_check_header_mongrel "$LINENO" "linux/fsverity.h" "ac_cv_header_linux_fsverity_h" "$ac_includes_default"
+if test "x$ac_cv_header_linux_fsverity_h" = xyes; then :
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_LINUX_FSVERITY_H 1
+_ACEOF
+
+fi
+
+done
+
+if test x$ac_cv_header_linux_fsverity_h = xyes ; then :
+ OSTREE_FEATURES="$OSTREE_FEATURES ex-fsverity"
+fi
+
# check for gtk-doc
@@ -17865,18 +17879,9 @@ fi
else
with_libsystemd=no
fi
- if test $with_libsystemd != no; then
- BUILDOPT_LIBSYSTEMD_TRUE=
- BUILDOPT_LIBSYSTEMD_FALSE='#'
-else
- BUILDOPT_LIBSYSTEMD_TRUE='#'
- BUILDOPT_LIBSYSTEMD_FALSE=
-fi
+if test "x$with_libsystemd" = "xyes"; then :
-if test "x$have_libsystemd" = "xyes"; then :
-
- with_systemd=yes
# Check whether --with-systemdsystemunitdir was given.
if test "${with_systemdsystemunitdir+set}" = set; then :
@@ -17907,7 +17912,7 @@ fi
fi
fi
- if test x$with_systemd = xyes; then
+ if test x$with_libsystemd = xyes; then
BUILDOPT_SYSTEMD_TRUE=
BUILDOPT_SYSTEMD_FALSE='#'
else
@@ -17915,7 +17920,7 @@ else
BUILDOPT_SYSTEMD_FALSE=
fi
- if test x$with_systemd = xyes && test x$with_libmount = xyes; then
+ if test x$with_libsystemd = xyes && test x$with_libmount = xyes; then
BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE=
BUILDOPT_SYSTEMD_AND_LIBMOUNT_FALSE='#'
else
@@ -17928,6 +17933,7 @@ if test -z "$BUILDOPT_SYSTEMD_AND_LIBMOUNT_TRUE"; then :
$as_echo "#define BUILDOPT_LIBSYSTEMD_AND_LIBMOUNT 1" >>confdefs.h
fi
+if test x$with_libsystemd = xyes; then OSTREE_FEATURES="$OSTREE_FEATURES systemd"; fi
# Check whether --with-builtin-grub2-mkconfig was given.
@@ -18413,10 +18419,6 @@ if test -z "${BUILDOPT_MKINITCPIO_TRUE}" && test -z "${BUILDOPT_MKINITCPIO_FALSE
as_fn_error $? "conditional \"BUILDOPT_MKINITCPIO\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
-if test -z "${BUILDOPT_LIBSYSTEMD_TRUE}" && test -z "${BUILDOPT_LIBSYSTEMD_FALSE}"; then
- as_fn_error $? "conditional \"BUILDOPT_LIBSYSTEMD\" was never defined.
-Usually this means the macro was only invoked conditionally." "$LINENO" 5
-fi
if test -z "${BUILDOPT_SYSTEMD_TRUE}" && test -z "${BUILDOPT_SYSTEMD_FALSE}"; then
as_fn_error $? "conditional \"BUILDOPT_SYSTEMD\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
@@ -18842,7 +18844,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libostree $as_me 2019.6, which was
+This file was extended by libostree $as_me 2020.2, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -18908,7 +18910,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-libostree config.status 2019.6
+libostree config.status 2020.2
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
@@ -20610,8 +20612,9 @@ echo "
HTTP backend: $fetcher_backend
\"ostree trivial-httpd\": $enable_trivial_httpd_cmdline
SELinux: $with_selinux
+ fs-verity: $ac_cv_header_linux_fsverity_h
cryptographic checksums: $with_crypto
- systemd: $have_libsystemd
+ systemd: $with_libsystemd
libmount: $with_libmount
libarchive (parse tar files directly): $with_libarchive
static deltas: yes (always enabled now)
diff --git a/configure.ac b/configure.ac
index 46a900f5..36995403 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,12 +2,12 @@ AC_PREREQ([2.63])
dnl To do a release: follow the instructions to update libostree-released.sym from
dnl libostree-devel.sym, update the checksum in test-symbols.sh, set is_release_build=yes
dnl below. Then make another post-release commit to bump the version and set
-dnl is_release_build=no.
+dnl is_release_build=yes
dnl Seed the release notes with `git-shortlog-with-prs ..`. Then use
dnl `git-evtag` to create the tag and push it. Finally, create a GitHub release and attach
dnl the tarball from `make dist`.
-m4_define([year_version], [2019])
-m4_define([release_version], [6])
+m4_define([year_version], [2020])
+m4_define([release_version], [2])
m4_define([package_version], [year_version.release_version])
AC_INIT([libostree], [package_version], [walters@verbum.org])
is_release_build=yes
@@ -246,6 +246,10 @@ LIBARCHIVE_DEPENDENCY="libarchive >= 2.8.0"
# What's in RHEL7.2.
FUSE_DEPENDENCY="fuse >= 2.9.2"
+AC_CHECK_HEADERS([linux/fsverity.h])
+AS_IF([test x$ac_cv_header_linux_fsverity_h = xyes ],
+ [OSTREE_FEATURES="$OSTREE_FEATURES ex-fsverity"])
+
# check for gtk-doc
m4_ifdef([GTK_DOC_CHECK], [
GTK_DOC_CHECK([1.15], [--flavour no-tmpl])
@@ -509,10 +513,8 @@ AS_IF([ test x$with_libsystemd != xno ], [
with_libsystemd=no
])
], [ with_libsystemd=no ])
-AM_CONDITIONAL(BUILDOPT_LIBSYSTEMD, test $with_libsystemd != no)
-AS_IF([test "x$have_libsystemd" = "xyes"], [
- with_systemd=yes
+AS_IF([test "x$with_libsystemd" = "xyes"], [
AC_ARG_WITH([systemdsystemunitdir],
AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
[],
@@ -528,11 +530,12 @@ AS_IF([test "x$have_libsystemd" = "xyes"], [
AC_SUBST([systemdsystemgeneratordir], [$with_systemdsystemgeneratordir])
])
])
-AM_CONDITIONAL(BUILDOPT_SYSTEMD, test x$with_systemd = xyes)
+AM_CONDITIONAL(BUILDOPT_SYSTEMD, test x$with_libsystemd = xyes)
dnl If we have both, we use the "new /var" model with ostree-system-generator
-AM_CONDITIONAL(BUILDOPT_SYSTEMD_AND_LIBMOUNT,[test x$with_systemd = xyes && test x$with_libmount = xyes])
+AM_CONDITIONAL(BUILDOPT_SYSTEMD_AND_LIBMOUNT,[test x$with_libsystemd = xyes && test x$with_libmount = xyes])
AM_COND_IF(BUILDOPT_SYSTEMD_AND_LIBMOUNT,
AC_DEFINE([BUILDOPT_LIBSYSTEMD_AND_LIBMOUNT], 1, [Define if systemd and libmount]))
+if test x$with_libsystemd = xyes; then OSTREE_FEATURES="$OSTREE_FEATURES systemd"; fi
AC_ARG_WITH(builtin-grub2-mkconfig,
AS_HELP_STRING([--with-builtin-grub2-mkconfig],
@@ -619,8 +622,9 @@ echo "
HTTP backend: $fetcher_backend
\"ostree trivial-httpd\": $enable_trivial_httpd_cmdline
SELinux: $with_selinux
+ fs-verity: $ac_cv_header_linux_fsverity_h
cryptographic checksums: $with_crypto
- systemd: $have_libsystemd
+ systemd: $with_libsystemd
libmount: $with_libmount
libarchive (parse tar files directly): $with_libarchive
static deltas: yes (always enabled now)
diff --git a/man/ostree-pull.xml b/man/ostree-pull.xml
index 84d75be3..0606f690 100644
--- a/man/ostree-pull.xml
+++ b/man/ostree-pull.xml
@@ -143,6 +143,14 @@ Boston, MA 02111-1307, USA.
Description
+
+ Without --mirror, this command will create new refs
+ under remotes/REMOTE/ directory
+ for each pulled branch unless they are already created. Such
+ refs can be then referenced by REMOTE:BRANCH in
+ ostree subcommands (e.g. ostree log origin:exampleos/x86_64/standard ).
+
+
This command can retrieve just a specific commit, or go all
the way to performing a full mirror of the remote
diff --git a/man/ostree-show.xml b/man/ostree-show.xml
index a3d9aa4a..a28f704c 100644
--- a/man/ostree-show.xml
+++ b/man/ostree-show.xml
@@ -99,6 +99,17 @@ Boston, MA 02111-1307, USA.
+
+
+ Show the commit size metadata. This in only supported for
+ commits that contain ostree.sizes
+ metadata. This can be included when creating commits with
+ ostree commit --generate-sizes .
+
+
#endif
+#include
#include
#include "otutil.h"
@@ -189,8 +190,6 @@ _ostree_impl_system_generator (const char *ostree_cmdline,
"[Unit]\n"
"Documentation=man:ostree(1)\n"
"ConditionKernelCommandLine=!systemd.volatile\n"
- /* We need /sysroot mounted writable first */
- "After=ostree-remount.service\n"
"Before=local-fs.target\n"
"\n"
"[Mount]\n"
diff --git a/src/libostree/ostree-linuxfsutil.c b/src/libostree/ostree-linuxfsutil.c
index d1dde8b4..231ecf76 100644
--- a/src/libostree/ostree-linuxfsutil.c
+++ b/src/libostree/ostree-linuxfsutil.c
@@ -68,6 +68,10 @@ _ostree_linuxfs_fd_alter_immutable_flag (int fd,
}
else
{
+ gboolean prev_immutable_state = (flags & EXT2_IMMUTABLE_FL) > 0;
+ if (prev_immutable_state == new_immutable_state)
+ return TRUE; /* Nothing to do */
+
if (new_immutable_state)
flags |= EXT2_IMMUTABLE_FL;
else
diff --git a/src/libostree/ostree-repo-checkout.c b/src/libostree/ostree-repo-checkout.c
index 8dd14640..dc36370f 100644
--- a/src/libostree/ostree-repo-checkout.c
+++ b/src/libostree/ostree-repo-checkout.c
@@ -92,8 +92,8 @@ checkout_object_for_uncompressed_cache (OstreeRepo *self,
if (self->uncompressed_objects_dir_fd == -1)
{
- if (!glnx_shutil_mkdir_p_at (self->repo_dir_fd, "uncompressed-objects-cache", 0755,
- cancellable, error))
+ if (!glnx_shutil_mkdir_p_at (self->repo_dir_fd, "uncompressed-objects-cache",
+ DEFAULT_DIRECTORY_MODE, cancellable, error))
return FALSE;
if (!glnx_opendirat (self->repo_dir_fd, "uncompressed-objects-cache", TRUE,
&self->uncompressed_objects_dir_fd,
diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index 8c5d9411..dac4573c 100644
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -32,6 +32,10 @@
#include
#include
#include
+#include
+#ifdef HAVE_LINUX_FSVERITY_H
+#include
+#endif
#include "otutil.h"
#include "ostree.h"
@@ -168,6 +172,113 @@ ot_security_smack_reset_fd (int fd)
#endif
}
+/* Wrapper around the fsverity ioctl, compressing the result to
+ * "success, unsupported or error". This is used for /boot where
+ * we enable verity if supported.
+ * */
+gboolean
+_ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf,
+ _OstreeFeatureSupport fsverity_requested,
+ gboolean *supported,
+ GError **error)
+{
+ /* Set this by default to simplify the code below */
+ if (supported)
+ *supported = FALSE;
+
+ if (fsverity_requested == _OSTREE_FEATURE_NO)
+ return TRUE;
+
+#ifdef HAVE_LINUX_FSVERITY_H
+ GLNX_AUTO_PREFIX_ERROR ("fsverity", error);
+
+ /* fs-verity requires a read-only file descriptor */
+ if (!glnx_tmpfile_reopen_rdonly (tmpf, error))
+ return FALSE;
+
+ struct fsverity_enable_arg arg = { 0, };
+ arg.version = 1;
+ arg.hash_algorithm = FS_VERITY_HASH_ALG_SHA256; /* TODO configurable? */
+ arg.block_size = 4096; /* FIXME query */
+ arg.salt_size = 0; /* TODO store salt in ostree repo config */
+ arg.salt_ptr = 0;
+ arg.sig_size = 0; /* We don't currently expect use of in-kernel signature verification */
+ arg.sig_ptr = 0;
+
+ if (ioctl (tmpf->fd, FS_IOC_ENABLE_VERITY, &arg) < 0)
+ {
+ switch (errno)
+ {
+ case ENOTTY:
+ case EOPNOTSUPP:
+ return TRUE;
+ default:
+ return glnx_throw_errno_prefix (error, "ioctl(FS_IOC_ENABLE_VERITY)");
+ }
+ }
+
+ if (supported)
+ *supported = TRUE;
+#endif
+ return TRUE;
+}
+
+/* Enable verity on a file, respecting the "wanted" and "supported" states.
+ * The main idea here is to optimize out pointlessly calling the ioctl()
+ * over and over in cases where it's not supported for the repo's filesystem,
+ * as well as to support "opportunistic" use (requested and if filesystem supports).
+ * */
+gboolean
+_ostree_tmpf_fsverity (OstreeRepo *self,
+ GLnxTmpfile *tmpf,
+ GError **error)
+{
+#ifdef HAVE_LINUX_FSVERITY_H
+ g_mutex_lock (&self->txn_lock);
+ _OstreeFeatureSupport fsverity_wanted = self->fs_verity_wanted;
+ _OstreeFeatureSupport fsverity_supported = self->fs_verity_supported;
+ g_mutex_unlock (&self->txn_lock);
+
+ switch (fsverity_wanted)
+ {
+ case _OSTREE_FEATURE_YES:
+ {
+ if (fsverity_supported == _OSTREE_FEATURE_NO)
+ return glnx_throw (error, "fsverity required but filesystem does not support it");
+ }
+ break;
+ case _OSTREE_FEATURE_MAYBE:
+ break;
+ case _OSTREE_FEATURE_NO:
+ return TRUE;
+ }
+
+ gboolean supported = FALSE;
+ if (!_ostree_tmpf_fsverity_core (tmpf, fsverity_wanted, &supported, error))
+ return FALSE;
+
+ if (!supported)
+ {
+ if (G_UNLIKELY (fsverity_wanted == _OSTREE_FEATURE_YES))
+ return glnx_throw (error, "fsverity required but filesystem does not support it");
+
+ /* If we got here, we must be trying "opportunistic" use of fs-verity */
+ g_assert_cmpint (fsverity_wanted, ==, _OSTREE_FEATURE_MAYBE);
+ g_mutex_lock (&self->txn_lock);
+ self->fs_verity_supported = _OSTREE_FEATURE_NO;
+ g_mutex_unlock (&self->txn_lock);
+ return TRUE;
+ }
+
+ g_mutex_lock (&self->txn_lock);
+ self->fs_verity_supported = _OSTREE_FEATURE_YES;
+ g_mutex_unlock (&self->txn_lock);
+#else
+ g_assert_cmpint (self->fs_verity_wanted, !=, _OSTREE_FEATURE_YES);
+#endif
+ return TRUE;
+}
+
/* Given an O_TMPFILE regular file, link it into place. */
gboolean
_ostree_repo_commit_tmpf_final (OstreeRepo *self,
@@ -185,6 +296,9 @@ _ostree_repo_commit_tmpf_final (OstreeRepo *self,
cancellable, error))
return FALSE;
+ if (!_ostree_tmpf_fsverity (self, tmpf, error))
+ return FALSE;
+
if (!glnx_link_tmpfile_at (tmpf, GLNX_LINK_TMPFILE_NOREPLACE_IGNORE_EXIST,
dest_dfd, tmpbuf, error))
return FALSE;
@@ -322,16 +436,19 @@ commit_loose_regfile_object (OstreeRepo *self,
/* This is used by OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES */
typedef struct
{
+ OstreeObjectType objtype;
goffset unpacked;
goffset archived;
} OstreeContentSizeCacheEntry;
static OstreeContentSizeCacheEntry *
-content_size_cache_entry_new (goffset unpacked,
- goffset archived)
+content_size_cache_entry_new (OstreeObjectType objtype,
+ goffset unpacked,
+ goffset archived)
{
OstreeContentSizeCacheEntry *entry = g_slice_new0 (OstreeContentSizeCacheEntry);
+ entry->objtype = objtype;
entry->unpacked = unpacked;
entry->archived = archived;
@@ -345,19 +462,61 @@ content_size_cache_entry_free (gpointer entry)
g_slice_free (OstreeContentSizeCacheEntry, entry);
}
+void
+_ostree_repo_setup_generate_sizes (OstreeRepo *self,
+ OstreeRepoCommitModifier *modifier)
+{
+ if (modifier && modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES)
+ {
+ if (ostree_repo_get_mode (self) == OSTREE_REPO_MODE_ARCHIVE)
+ {
+ self->generate_sizes = TRUE;
+
+ /* Clear any stale data in the object sizes hash table */
+ if (self->object_sizes != NULL)
+ g_hash_table_remove_all (self->object_sizes);
+ }
+ else
+ g_debug ("Not generating sizes for non-archive repo");
+ }
+}
+
static void
-repo_store_size_entry (OstreeRepo *self,
- const gchar *checksum,
- goffset unpacked,
- goffset archived)
+repo_ensure_size_entries (OstreeRepo *self)
{
if (G_UNLIKELY (self->object_sizes == NULL))
self->object_sizes = g_hash_table_new_full (g_str_hash, g_str_equal,
g_free, content_size_cache_entry_free);
+}
+static gboolean
+repo_has_size_entry (OstreeRepo *self,
+ OstreeObjectType objtype,
+ const gchar *checksum)
+{
+ /* Only file, dirtree and dirmeta objects appropriate for size metadata */
+ if (objtype > OSTREE_OBJECT_TYPE_DIR_META)
+ return TRUE;
+
+ repo_ensure_size_entries (self);
+ return (g_hash_table_lookup (self->object_sizes, checksum) != NULL);
+}
+
+static void
+repo_store_size_entry (OstreeRepo *self,
+ OstreeObjectType objtype,
+ const gchar *checksum,
+ goffset unpacked,
+ goffset archived)
+{
+ /* Only file, dirtree and dirmeta objects appropriate for size metadata */
+ if (objtype > OSTREE_OBJECT_TYPE_DIR_META)
+ return;
+
+ repo_ensure_size_entries (self);
g_hash_table_replace (self->object_sizes,
g_strdup (checksum),
- content_size_cache_entry_new (unpacked, archived));
+ content_size_cache_entry_new (objtype, unpacked, archived));
}
static int
@@ -408,6 +567,7 @@ add_size_index_to_metadata (OstreeRepo *self,
g_hash_table_lookup (self->object_sizes, e_checksum);
_ostree_write_varuint64 (buffer, e_size->archived);
_ostree_write_varuint64 (buffer, e_size->unpacked);
+ g_string_append_c (buffer, (gchar) e_size->objtype);
g_variant_builder_add (&index_builder, "@ay",
ot_gvariant_new_bytearray ((guint8*)buffer->str, buffer->len));
@@ -415,6 +575,9 @@ add_size_index_to_metadata (OstreeRepo *self,
g_variant_builder_add (builder, "{sv}", "ostree.sizes",
g_variant_builder_end (&index_builder));
+
+ /* Clear the object sizes hash table for a subsequent commit. */
+ g_hash_table_remove_all (self->object_sizes);
}
return g_variant_ref_sink (g_variant_builder_end (builder));
@@ -956,7 +1119,6 @@ write_content_object (OstreeRepo *self,
g_auto(OtCleanupUnlinkat) tmp_unlinker = { commit_tmp_dfd (self), NULL };
g_auto(GLnxTmpfile) tmpf = { 0, };
goffset unpacked_size = 0;
- gboolean indexable = FALSE;
/* Is it a symlink physically? */
if (phys_object_is_symlink)
{
@@ -982,9 +1144,6 @@ write_content_object (OstreeRepo *self,
g_assert (repo_mode == OSTREE_REPO_MODE_ARCHIVE);
- if (self->generate_sizes)
- indexable = TRUE;
-
if (!glnx_open_tmpfile_linkable_at (commit_tmp_dfd (self), ".", O_WRONLY|O_CLOEXEC,
&tmpf, error))
return FALSE;
@@ -1013,6 +1172,11 @@ write_content_object (OstreeRepo *self,
unpacked_size = g_file_info_get_size (file_info);
}
+ else
+ {
+ /* For a symlink, the size is the length of the target */
+ unpacked_size = strlen (g_file_info_get_symlink_target (file_info));
+ }
if (!g_output_stream_flush (temp_out, cancellable, error))
return FALSE;
@@ -1042,6 +1206,19 @@ write_content_object (OstreeRepo *self,
g_assert (actual_checksum != NULL); /* Pacify static analysis */
+ /* Update size metadata if configured and entry missing */
+ if (self->generate_sizes &&
+ !repo_has_size_entry (self, OSTREE_OBJECT_TYPE_FILE, actual_checksum))
+ {
+ struct stat stbuf;
+
+ if (!glnx_fstat (tmpf.fd, &stbuf, error))
+ return FALSE;
+
+ repo_store_size_entry (self, OSTREE_OBJECT_TYPE_FILE, actual_checksum,
+ unpacked_size, stbuf.st_size);
+ }
+
/* See whether or not we have the object, now that we know the
* checksum.
*/
@@ -1107,17 +1284,6 @@ write_content_object (OstreeRepo *self,
}
else
{
- /* Update size metadata if configured */
- if (indexable && object_file_type == G_FILE_TYPE_REGULAR)
- {
- struct stat stbuf;
-
- if (!glnx_fstat (tmpf.fd, &stbuf, error))
- return FALSE;
-
- repo_store_size_entry (self, actual_checksum, unpacked_size, stbuf.st_size);
- }
-
/* Check if a file with the same payload is present in the repository,
and in case try to reflink it */
if (actual_payload_checksum && !_try_clone_from_payload_link (self, self, actual_payload_checksum, file_info, &tmpf, cancellable, error))
@@ -1309,6 +1475,11 @@ write_metadata_object (OstreeRepo *self,
*/
if (have_obj)
{
+ /* Update size metadata if needed */
+ if (self->generate_sizes &&
+ !repo_has_size_entry (self, objtype, actual_checksum))
+ repo_store_size_entry (self, objtype, actual_checksum, len, len);
+
g_mutex_lock (&self->txn_lock);
self->txn.stats.metadata_objects_total++;
g_mutex_unlock (&self->txn_lock);
@@ -1330,6 +1501,11 @@ write_metadata_object (OstreeRepo *self,
gsize len;
const guint8 *bufp = g_bytes_get_data (buf, &len);
+ /* Update size metadata if needed */
+ if (self->generate_sizes &&
+ !repo_has_size_entry (self, objtype, actual_checksum))
+ repo_store_size_entry (self, objtype, actual_checksum, len, len);
+
/* Write the metadata to a temporary file */
g_auto(GLnxTmpfile) tmpf = { 0, };
if (!glnx_open_tmpfile_linkable_at (commit_tmp_dfd (self), ".", O_WRONLY|O_CLOEXEC,
@@ -2345,6 +2521,16 @@ ostree_repo_write_metadata (OstreeRepo *self,
return FALSE;
if (have_obj)
{
+ /* Update size metadata if needed */
+ if (self->generate_sizes &&
+ !repo_has_size_entry (self, objtype, expected_checksum))
+ {
+ /* Make sure we have a fully serialized object */
+ g_autoptr(GVariant) trusted = g_variant_get_normal_form (object);
+ gsize size = g_variant_get_size (trusted);
+ repo_store_size_entry (self, objtype, expected_checksum, size, size);
+ }
+
if (out_csum)
*out_csum = ostree_checksum_to_bytes (expected_checksum);
return TRUE;
@@ -2620,8 +2806,11 @@ ostree_repo_write_content (OstreeRepo *self,
{
/* First, if we have an expected checksum, see if we already have this
* object. This mirrors the same logic in ostree_repo_write_metadata().
+ *
+ * If size metadata is needed, fall through to write_content_object()
+ * where the entries are made.
*/
- if (expected_checksum)
+ if (expected_checksum && !self->generate_sizes)
{
gboolean have_obj;
if (!_ostree_repo_has_loose_object (self, expected_checksum,
@@ -3848,8 +4037,7 @@ ostree_repo_write_directory_to_mtree (OstreeRepo *self,
}
else
{
- if (modifier && modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES)
- self->generate_sizes = TRUE;
+ _ostree_repo_setup_generate_sizes (self, modifier);
g_autoptr(GPtrArray) path = g_ptr_array_new ();
if (!write_directory_to_mtree_internal (self, dir, mtree, modifier, path,
@@ -3883,8 +4071,7 @@ ostree_repo_write_dfd_to_mtree (OstreeRepo *self,
GCancellable *cancellable,
GError **error)
{
- if (modifier && modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES)
- self->generate_sizes = TRUE;
+ _ostree_repo_setup_generate_sizes (self, modifier);
g_auto(GLnxDirFdIterator) dfd_iter = { 0, };
if (!glnx_dirfd_iterator_init_at (dfd, path, FALSE, &dfd_iter, error))
diff --git a/src/libostree/ostree-repo-libarchive.c b/src/libostree/ostree-repo-libarchive.c
index 1850f99f..d55459f4 100644
--- a/src/libostree/ostree-repo-libarchive.c
+++ b/src/libostree/ostree-repo-libarchive.c
@@ -844,6 +844,8 @@ ostree_repo_import_archive_to_mtree (OstreeRepo *self,
.modifier = modifier
};
+ _ostree_repo_setup_generate_sizes (self, modifier);
+
while (TRUE)
{
int r = archive_read_next_header (a, &aictx.entry);
diff --git a/src/libostree/ostree-repo-private.h b/src/libostree/ostree-repo-private.h
index b57ad799..571cab6b 100644
--- a/src/libostree/ostree-repo-private.h
+++ b/src/libostree/ostree-repo-private.h
@@ -22,6 +22,7 @@
#pragma once
#include
+#include "config.h"
#include "otutil.h"
#include "ostree-ref.h"
#include "ostree-repo.h"
@@ -31,8 +32,6 @@ G_BEGIN_DECLS
#define OSTREE_DELTAPART_VERSION (0)
-#define _OSTREE_OBJECT_SIZES_ENTRY_SIGNATURE "ay"
-
#define _OSTREE_SUMMARY_CACHE_DIR "summaries"
#define _OSTREE_CACHE_DIR "cache"
@@ -97,6 +96,12 @@ typedef struct {
fsblkcnt_t max_blocks;
} OstreeRepoTxn;
+typedef enum {
+ _OSTREE_FEATURE_NO,
+ _OSTREE_FEATURE_MAYBE,
+ _OSTREE_FEATURE_YES,
+} _OstreeFeatureSupport;
+
/**
* OstreeRepo:
*
@@ -127,6 +132,8 @@ struct OstreeRepo {
GMutex txn_lock;
OstreeRepoTxn txn;
gboolean txn_locked;
+ _OstreeFeatureSupport fs_verity_wanted;
+ _OstreeFeatureSupport fs_verity_supported;
GMutex cache_lock;
guint dirmeta_cache_refcount;
@@ -143,6 +150,14 @@ struct OstreeRepo {
guint zlib_compression_level;
GHashTable *loose_object_devino_hash;
GHashTable *updated_uncompressed_dirs;
+
+ /* FIXME: The object sizes hash table is really per-commit state, not repo
+ * state. Using a single table for the repo means that commits cannot be
+ * built simultaneously if they're adding size information. This data should
+ * probably be in OstreeMutableTree, but that's gone by the time the actual
+ * commit is constructed. At that point the only commit state is in the root
+ * OstreeRepoFile.
+ */
GHashTable *object_sizes;
/* Cache the repo's device/inode to use for comparisons elsewhere */
@@ -329,6 +344,10 @@ _ostree_repo_commit_modifier_apply (OstreeRepo *self,
GFileInfo *file_info,
GFileInfo **out_modified_info);
+void
+_ostree_repo_setup_generate_sizes (OstreeRepo *self,
+ OstreeRepoCommitModifier *modifier);
+
gboolean
_ostree_repo_remote_name_is_file (const char *remote_name);
@@ -471,4 +490,15 @@ OstreeRepoAutoLock * _ostree_repo_auto_lock_push (OstreeRepo *self,
void _ostree_repo_auto_lock_cleanup (OstreeRepoAutoLock *lock);
G_DEFINE_AUTOPTR_CLEANUP_FUNC (OstreeRepoAutoLock, _ostree_repo_auto_lock_cleanup)
+gboolean
+_ostree_tmpf_fsverity_core (GLnxTmpfile *tmpf,
+ _OstreeFeatureSupport fsverity_requested,
+ gboolean *supported,
+ GError **error);
+
+gboolean
+_ostree_tmpf_fsverity (OstreeRepo *self,
+ GLnxTmpfile *tmpf,
+ GError **error);
+
G_END_DECLS
diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c
index 586b34fe..125c113d 100644
--- a/src/libostree/ostree-repo-pull.c
+++ b/src/libostree/ostree-repo-pull.c
@@ -2925,7 +2925,7 @@ _ostree_repo_cache_summary (OstreeRepo *self,
if (self->cache_dir_fd == -1)
return TRUE;
- if (!glnx_shutil_mkdir_p_at (self->cache_dir_fd, _OSTREE_SUMMARY_CACHE_DIR, 0775, cancellable, error))
+ if (!glnx_shutil_mkdir_p_at (self->cache_dir_fd, _OSTREE_SUMMARY_CACHE_DIR, DEFAULT_DIRECTORY_MODE, cancellable, error))
return FALSE;
const char *summary_cache_file = glnx_strjoina (_OSTREE_SUMMARY_CACHE_DIR, "/", remote);
diff --git a/src/libostree/ostree-repo-refs.c b/src/libostree/ostree-repo-refs.c
index 536a763a..d1d679b2 100644
--- a/src/libostree/ostree-repo-refs.c
+++ b/src/libostree/ostree-repo-refs.c
@@ -1181,7 +1181,7 @@ _ostree_repo_write_ref (OstreeRepo *self,
char *parent = strdupa (ref->ref_name);
parent[lastslash - ref->ref_name] = '\0';
- if (!glnx_shutil_mkdir_p_at (dfd, parent, 0755, cancellable, error))
+ if (!glnx_shutil_mkdir_p_at (dfd, parent, DEFAULT_DIRECTORY_MODE, cancellable, error))
return FALSE;
}
diff --git a/src/libostree/ostree-repo-static-delta-compilation.c b/src/libostree/ostree-repo-static-delta-compilation.c
index 054ac06f..88e9ddf6 100644
--- a/src/libostree/ostree-repo-static-delta-compilation.c
+++ b/src/libostree/ostree-repo-static-delta-compilation.c
@@ -1427,7 +1427,7 @@ ostree_repo_static_delta_generate (OstreeRepo *self,
g_autofree char *dnbuf = g_strdup (descriptor_relpath);
const char *dn = dirname (dnbuf);
- if (!glnx_shutil_mkdir_p_at (self->repo_dir_fd, dn, 0755, cancellable, error))
+ if (!glnx_shutil_mkdir_p_at (self->repo_dir_fd, dn, DEFAULT_DIRECTORY_MODE, cancellable, error))
goto out;
if (!glnx_opendirat (self->repo_dir_fd, dn, TRUE, &descriptor_dfd, error))
goto out;
diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
index cff70d47..3aeecc5c 100644
--- a/src/libostree/ostree-repo.c
+++ b/src/libostree/ostree-repo.c
@@ -31,6 +31,7 @@
#include "libglnx.h"
#include "otutil.h"
#include
+#include
#include "ostree-core-private.h"
#include "ostree-sysroot-private.h"
@@ -47,6 +48,7 @@
#include
#include
#include
+#include
#define REPO_LOCK_DISABLED (-2)
#define REPO_LOCK_BLOCKING (-1)
@@ -357,7 +359,7 @@ push_repo_lock (OstreeRepo *self,
g_debug ("Opening repo lock file");
lock->fd = TEMP_FAILURE_RETRY (openat (self->repo_dir_fd, ".lock",
O_CREAT | O_RDWR | O_CLOEXEC,
- 0600));
+ DEFAULT_REGFILE_MODE));
if (lock->fd < 0)
{
free_repo_lock (lock);
@@ -2489,7 +2491,7 @@ repo_create_at_internal (int dfd,
}
}
- if (mkdirat (dfd, path, 0755) != 0)
+ if (mkdirat (dfd, path, DEFAULT_DIRECTORY_MODE) != 0)
{
if (G_UNLIKELY (errno != EEXIST))
return glnx_throw_errno_prefix (error, "mkdirat");
@@ -2527,7 +2529,7 @@ repo_create_at_internal (int dfd,
for (guint i = 0; i < G_N_ELEMENTS (state_dirs); i++)
{
const char *elt = state_dirs[i];
- if (mkdirat (repo_dfd, elt, 0755) == -1)
+ if (mkdirat (repo_dfd, elt, DEFAULT_DIRECTORY_MODE) == -1)
{
if (G_UNLIKELY (errno != EEXIST))
return glnx_throw_errno_prefix (error, "mkdirat");
@@ -3033,6 +3035,34 @@ reload_core_config (OstreeRepo *self,
}
}
+ /* Currently experimental */
+ static const char fsverity_key[] = "ex-fsverity";
+ self->fs_verity_wanted = _OSTREE_FEATURE_NO;
+#ifdef HAVE_LINUX_FSVERITY_H
+ self->fs_verity_supported = _OSTREE_FEATURE_MAYBE;
+#else
+ self->fs_verity_supported = _OSTREE_FEATURE_NO;
+#endif
+ gboolean fsverity_required = FALSE;
+ if (!ot_keyfile_get_boolean_with_default (self->config, fsverity_key, "required",
+ FALSE, &fsverity_required, error))
+ return FALSE;
+ if (fsverity_required)
+ {
+ self->fs_verity_wanted = _OSTREE_FEATURE_YES;
+ if (self->fs_verity_supported == _OSTREE_FEATURE_NO)
+ return glnx_throw (error, "fsverity required, but libostree compiled without support");
+ }
+ else
+ {
+ gboolean fsverity_opportunistic = FALSE;
+ if (!ot_keyfile_get_boolean_with_default (self->config, fsverity_key, "opportunistic",
+ FALSE, &fsverity_opportunistic, error))
+ return FALSE;
+ if (fsverity_opportunistic)
+ self->fs_verity_wanted = _OSTREE_FEATURE_MAYBE;
+ }
+
{
g_clear_pointer (&self->collection_id, g_free);
if (!ot_keyfile_get_value_with_default (self->config, "core", "collection-id",
@@ -3295,7 +3325,7 @@ ostree_repo_open (OstreeRepo *self,
*
* https://github.com/ostreedev/ostree/issues/1018
*/
- if (mkdirat (self->repo_dir_fd, "tmp", 0755) == -1)
+ if (mkdirat (self->repo_dir_fd, "tmp", DEFAULT_DIRECTORY_MODE) == -1)
{
if (G_UNLIKELY (errno != EEXIST))
return glnx_throw_errno_prefix (error, "mkdir(tmp)");
@@ -3307,7 +3337,7 @@ ostree_repo_open (OstreeRepo *self,
if (self->writable)
{
- if (!glnx_shutil_mkdir_p_at (self->tmp_dir_fd, _OSTREE_CACHE_DIR, 0775, cancellable, error))
+ if (!glnx_shutil_mkdir_p_at (self->tmp_dir_fd, _OSTREE_CACHE_DIR, DEFAULT_DIRECTORY_MODE, cancellable, error))
return FALSE;
if (!glnx_opendirat (self->tmp_dir_fd, _OSTREE_CACHE_DIR, TRUE, &self->cache_dir_fd, error))
@@ -6099,7 +6129,7 @@ _ostree_repo_allocate_tmpdir (int tmpdir_dfd,
{
g_auto(GLnxTmpDir) new_tmpdir = { 0, };
/* No existing tmpdir found, create a new */
- if (!glnx_mkdtempat (tmpdir_dfd, tmpdir_name_template, 0755,
+ if (!glnx_mkdtempat (tmpdir_dfd, tmpdir_name_template, DEFAULT_DIRECTORY_MODE,
&new_tmpdir, error))
return FALSE;
diff --git a/src/libostree/ostree-sysroot-cleanup.c b/src/libostree/ostree-sysroot-cleanup.c
index ef95d13c..71d978e0 100644
--- a/src/libostree/ostree-sysroot-cleanup.c
+++ b/src/libostree/ostree-sysroot-cleanup.c
@@ -455,6 +455,9 @@ ostree_sysroot_cleanup_prune_repo (OstreeSysroot *sysroot,
OstreeRepo *repo = ostree_sysroot_repo (sysroot);
const guint depth = 0; /* Historical default */
+ if (!_ostree_sysroot_ensure_writable (sysroot, error))
+ return FALSE;
+
/* Hold an exclusive lock by default across gathering refs and doing
* the prune.
*/
@@ -535,7 +538,10 @@ _ostree_sysroot_cleanup_internal (OstreeSysroot *self,
GError **error)
{
g_return_val_if_fail (OSTREE_IS_SYSROOT (self), FALSE);
- g_return_val_if_fail (self->loaded, FALSE);
+ g_return_val_if_fail (self->loadstate == OSTREE_SYSROOT_LOAD_STATE_LOADED, FALSE);
+
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
if (!cleanup_other_bootversions (self, cancellable, error))
return glnx_prefix_error (error, "Cleaning bootversions");
diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
index a09c354b..ee00c02c 100644
--- a/src/libostree/ostree-sysroot-deploy.c
+++ b/src/libostree/ostree-sysroot-deploy.c
@@ -41,6 +41,7 @@
#include "otutil.h"
#include "ostree.h"
+#include "ostree-repo-private.h"
#include "ostree-sysroot-private.h"
#include "ostree-sepolicy-private.h"
#include "ostree-bootloader-zipl.h"
@@ -56,6 +57,9 @@
#define OSTREE_DEPLOYMENT_FINALIZING_ID SD_ID128_MAKE(e8,64,6c,d6,3d,ff,46,25,b7,79,09,a8,e7,a4,09,94)
#endif
+static gboolean
+is_ro_mount (const char *path);
+
/*
* Like symlinkat() but overwrites (atomically) an existing
* symlink.
@@ -101,7 +105,8 @@ sysroot_flags_to_copy_flags (GLnxFileCopyFlags defaults,
* hardlink if we're on the same partition.
*/
static gboolean
-install_into_boot (OstreeSePolicy *sepolicy,
+install_into_boot (OstreeRepo *repo,
+ OstreeSePolicy *sepolicy,
int src_dfd,
const char *src_subpath,
int dest_dfd,
@@ -110,32 +115,67 @@ install_into_boot (OstreeSePolicy *sepolicy,
GCancellable *cancellable,
GError **error)
{
- if (linkat (src_dfd, src_subpath, dest_dfd, dest_subpath, 0) != 0)
- {
- if (G_IN_SET (errno, EMLINK, EXDEV))
- {
- /* Be sure we relabel when copying the kernel, as in current
- * e.g. Fedora it might be labeled module_object_t or usr_t,
- * but policy may not allow other processes to read from that
- * like kdump.
- * See also https://github.com/fedora-selinux/selinux-policy/commit/747f4e6775d773ab74efae5aa37f3e5e7f0d4aca
- * This means we also drop xattrs but...I doubt anyone uses
- * non-SELinux xattrs for the kernel anyways aside from perhaps
- * IMA but that's its own story.
- */
- g_auto(OstreeSepolicyFsCreatecon) fscreatecon = { 0, };
- const char *boot_path = glnx_strjoina ("/boot/", glnx_basename (dest_subpath));
- if (!_ostree_sepolicy_preparefscreatecon (&fscreatecon, sepolicy,
- boot_path, S_IFREG | 0644,
- error))
- return FALSE;
- return glnx_file_copy_at (src_dfd, src_subpath, NULL, dest_dfd, dest_subpath,
- GLNX_FILE_COPY_NOXATTRS | GLNX_FILE_COPY_DATASYNC,
- cancellable, error);
- }
- else
- return glnx_throw_errno_prefix (error, "linkat(%s)", dest_subpath);
- }
+ if (linkat (src_dfd, src_subpath, dest_dfd, dest_subpath, 0) == 0)
+ return TRUE; /* Note early return */
+ if (!G_IN_SET (errno, EMLINK, EXDEV))
+ return glnx_throw_errno_prefix (error, "linkat(%s)", dest_subpath);
+
+ /* Otherwise, copy */
+ struct stat src_stbuf;
+ if (!glnx_fstatat (src_dfd, src_subpath, &src_stbuf, AT_SYMLINK_NOFOLLOW, error))
+ return FALSE;
+
+ glnx_autofd int src_fd = -1;
+ if (!glnx_openat_rdonly (src_dfd, src_subpath, FALSE, &src_fd, error))
+ return FALSE;
+
+ /* Be sure we relabel when copying the kernel, as in current
+ * e.g. Fedora it might be labeled module_object_t or usr_t,
+ * but policy may not allow other processes to read from that
+ * like kdump.
+ * See also https://github.com/fedora-selinux/selinux-policy/commit/747f4e6775d773ab74efae5aa37f3e5e7f0d4aca
+ * This means we also drop xattrs but...I doubt anyone uses
+ * non-SELinux xattrs for the kernel anyways aside from perhaps
+ * IMA but that's its own story.
+ */
+ g_auto(OstreeSepolicyFsCreatecon) fscreatecon = { 0, };
+ const char *boot_path = glnx_strjoina ("/boot/", glnx_basename (dest_subpath));
+ if (!_ostree_sepolicy_preparefscreatecon (&fscreatecon, sepolicy,
+ boot_path, S_IFREG | 0644,
+ error))
+ return FALSE;
+
+ g_auto(GLnxTmpfile) tmp_dest = { 0, };
+ if (!glnx_open_tmpfile_linkable_at (dest_dfd, ".", O_WRONLY | O_CLOEXEC,
+ &tmp_dest, error))
+ return FALSE;
+
+ if (glnx_regfile_copy_bytes (src_fd, tmp_dest.fd, (off_t) -1) < 0)
+ return glnx_throw_errno_prefix (error, "regfile copy");
+
+ /* Kernel data should always be root-owned */
+ if (fchown (tmp_dest.fd, src_stbuf.st_uid, src_stbuf.st_gid) != 0)
+ return glnx_throw_errno_prefix (error, "fchown");
+
+ if (fchmod (tmp_dest.fd, src_stbuf.st_mode & 07777) != 0)
+ return glnx_throw_errno_prefix (error, "fchmod");
+
+ if (fdatasync (tmp_dest.fd) < 0)
+ return glnx_throw_errno_prefix (error, "fdatasync");
+
+ /* Today we don't have a config flag to *require* verity on /boot,
+ * and at least for Fedora CoreOS we're not likely to do fsverity on
+ * /boot soon due to wanting to support mounting it from old Linux
+ * kernels. So change "required" to "maybe".
+ */
+ _OstreeFeatureSupport boot_verity = _OSTREE_FEATURE_NO;
+ if (repo->fs_verity_wanted != _OSTREE_FEATURE_NO)
+ boot_verity = _OSTREE_FEATURE_MAYBE;
+ if (!_ostree_tmpf_fsverity_core (&tmp_dest, boot_verity, NULL, error))
+ return FALSE;
+
+ if (!glnx_link_tmpfile_at (&tmp_dest, GLNX_LINK_TMPFILE_NOREPLACE, dest_dfd, dest_subpath, error))
+ return FALSE;
return TRUE;
}
@@ -806,6 +846,9 @@ write_origin_file_internal (OstreeSysroot *sysroot,
GCancellable *cancellable,
GError **error)
{
+ if (!_ostree_sysroot_ensure_writable (sysroot, error))
+ return FALSE;
+
GLNX_AUTO_PREFIX_ERROR ("Writing out origin file", error);
GKeyFile *origin =
new_origin ? new_origin : ostree_deployment_get_origin (deployment);
@@ -1660,7 +1703,7 @@ install_deployment_kernel (OstreeSysroot *sysroot,
return FALSE;
if (errno == ENOENT)
{
- if (!install_into_boot (sepolicy, kernel_layout->boot_dfd, kernel_layout->kernel_srcpath,
+ if (!install_into_boot (repo, sepolicy, kernel_layout->boot_dfd, kernel_layout->kernel_srcpath,
bootcsum_dfd, kernel_layout->kernel_namever,
sysroot->debug_flags,
cancellable, error))
@@ -1677,7 +1720,7 @@ install_deployment_kernel (OstreeSysroot *sysroot,
return FALSE;
if (errno == ENOENT)
{
- if (!install_into_boot (sepolicy, kernel_layout->boot_dfd, kernel_layout->initramfs_srcpath,
+ if (!install_into_boot (repo, sepolicy, kernel_layout->boot_dfd, kernel_layout->initramfs_srcpath,
bootcsum_dfd, kernel_layout->initramfs_namever,
sysroot->debug_flags,
cancellable, error))
@@ -1692,7 +1735,7 @@ install_deployment_kernel (OstreeSysroot *sysroot,
return FALSE;
if (errno == ENOENT)
{
- if (!install_into_boot (sepolicy, kernel_layout->boot_dfd, kernel_layout->devicetree_srcpath,
+ if (!install_into_boot (repo, sepolicy, kernel_layout->boot_dfd, kernel_layout->devicetree_srcpath,
bootcsum_dfd, kernel_layout->devicetree_namever,
sysroot->debug_flags,
cancellable, error))
@@ -1706,7 +1749,7 @@ install_deployment_kernel (OstreeSysroot *sysroot,
return FALSE;
if (errno == ENOENT)
{
- if (!install_into_boot (sepolicy, kernel_layout->boot_dfd, kernel_layout->kernel_hmac_srcpath,
+ if (!install_into_boot (repo, sepolicy, kernel_layout->boot_dfd, kernel_layout->kernel_hmac_srcpath,
bootcsum_dfd, kernel_layout->kernel_hmac_namever,
sysroot->debug_flags,
cancellable, error))
@@ -2217,7 +2260,10 @@ ostree_sysroot_write_deployments_with_options (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
- g_assert (self->loaded);
+ g_assert (self->loadstate == OSTREE_SYSROOT_LOAD_STATE_LOADED);
+
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
/* Dealing with the staged deployment is quite tricky here. This function is
* primarily concerned with writing out "finalized" deployments which have
@@ -2374,7 +2420,6 @@ ostree_sysroot_write_deployments_with_options (OstreeSysroot *self,
if (boot_was_ro_mount)
{
- /* TODO: Use new mount namespace. https://github.com/ostreedev/ostree/issues/1265 */
if (mount ("/boot", "/boot", NULL, MS_REMOUNT | MS_SILENT, NULL) < 0)
return glnx_throw_errno_prefix (error, "Remounting /boot read-write");
}
@@ -2408,8 +2453,10 @@ ostree_sysroot_write_deployments_with_options (OstreeSysroot *self,
/* Note equivalent of try/finally here */
gboolean success = write_deployments_bootswap (self, new_deployments, opts, bootloader,
&syncstats, cancellable, error);
- /* Below here don't set GError until the if (!success) check */
- if (boot_was_ro_mount)
+ /* Below here don't set GError until the if (!success) check.
+ * Note we only bother remounting if a mount namespace isn't in use.
+ * */
+ if (boot_was_ro_mount && !self->mount_namespace_in_use)
{
if (mount ("/boot", "/boot", NULL, MS_REMOUNT | MS_RDONLY | MS_SILENT, NULL) < 0)
{
@@ -2716,6 +2763,9 @@ ostree_sysroot_deploy_tree (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
g_autoptr(OstreeDeployment) deployment = NULL;
if (!sysroot_initialize_deployment (self, osname, revision, origin, override_kernel_argv,
&deployment, cancellable, error))
@@ -2817,6 +2867,9 @@ ostree_sysroot_stage_tree (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
OstreeDeployment *booted_deployment = ostree_sysroot_get_booted_deployment (self);
if (booted_deployment == NULL)
return glnx_throw (error, "Cannot stage a deployment when not currently booted into an OSTree system");
@@ -3043,6 +3096,9 @@ ostree_sysroot_deployment_set_kargs (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
/* For now; instead of this do a redeployment */
g_assert (!ostree_deployment_is_staged (deployment));
@@ -3090,6 +3146,8 @@ ostree_sysroot_deployment_set_mutable (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
if (g_cancellable_set_error_if_cancelled (cancellable, error))
return FALSE;
diff --git a/src/libostree/ostree-sysroot-private.h b/src/libostree/ostree-sysroot-private.h
index 858673c5..96670b13 100644
--- a/src/libostree/ostree-sysroot-private.h
+++ b/src/libostree/ostree-sysroot-private.h
@@ -40,6 +40,12 @@ typedef enum {
OSTREE_SYSROOT_DEBUG_TEST_STAGED_PATH = 1 << 3,
} OstreeSysrootDebugFlags;
+typedef enum {
+ OSTREE_SYSROOT_LOAD_STATE_NONE, /* ostree_sysroot_new() was called */
+ OSTREE_SYSROOT_LOAD_STATE_INIT, /* We've loaded basic sysroot state and have an fd */
+ OSTREE_SYSROOT_LOAD_STATE_LOADED, /* We've loaded all of the deployments */
+} OstreeSysrootLoadState;
+
/**
* OstreeSysroot:
* Internal struct
@@ -51,7 +57,8 @@ struct OstreeSysroot {
int sysroot_fd;
GLnxLockFile lock;
- gboolean loaded;
+ OstreeSysrootLoadState loadstate;
+ gboolean mount_namespace_in_use; /* TRUE if caller has told us they used CLONE_NEWNS */
gboolean root_is_ostree_booted; /* TRUE if sysroot is / and we are booted via ostree */
/* The device/inode for /, used to detect booted deployment */
dev_t root_device;
@@ -79,6 +86,10 @@ struct OstreeSysroot {
#define _OSTREE_SYSROOT_DEPLOYMENT_RUNSTATE_DIR "/run/ostree/deployment-state/"
#define _OSTREE_SYSROOT_DEPLOYMENT_RUNSTATE_FLAG_DEVELOPMENT "unlocked-development"
+gboolean
+_ostree_sysroot_ensure_writable (OstreeSysroot *self,
+ GError **error);
+
void
_ostree_sysroot_emit_journal_msg (OstreeSysroot *self,
const char *msg);
diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
index 1c9dbf37..55a61014 100644
--- a/src/libostree/ostree-sysroot.c
+++ b/src/libostree/ostree-sysroot.c
@@ -226,6 +226,33 @@ ostree_sysroot_new_default (void)
return ostree_sysroot_new (NULL);
}
+/**
+ * ostree_sysroot_set_mount_namespace_in_use:
+ *
+ * If this function is invoked, then libostree will assume that
+ * a private Linux mount namespace has been created by the process.
+ * The primary use case for this is to have e.g. /sysroot mounted
+ * read-only by default.
+ *
+ * If this function has been called, then when a function which requires
+ * writable access is invoked, libostree will automatically remount as writable
+ * any mount points on which it operates. This currently is just `/sysroot` and
+ * `/boot`.
+ *
+ * If you invoke this function, it must be before ostree_sysroot_load(); it may
+ * be invoked before or after ostree_sysroot_initialize().
+ *
+ * Since: 2020.1
+ */
+void
+ostree_sysroot_set_mount_namespace_in_use (OstreeSysroot *self)
+{
+ /* Must be before we're loaded, as otherwise we'd have to close/reopen all our
+ fds, e.g. the repo */
+ g_return_if_fail (self->loadstate < OSTREE_SYSROOT_LOAD_STATE_LOADED);
+ self->mount_namespace_in_use = TRUE;
+}
+
/**
* ostree_sysroot_get_path:
* @self:
@@ -238,6 +265,7 @@ ostree_sysroot_get_path (OstreeSysroot *self)
return self->path;
}
+/* Open a directory file descriptor for the sysroot if we haven't yet */
static gboolean
ensure_sysroot_fd (OstreeSysroot *self,
GError **error)
@@ -251,13 +279,51 @@ ensure_sysroot_fd (OstreeSysroot *self,
return TRUE;
}
+/* Remount /sysroot read-write if necessary */
+gboolean
+_ostree_sysroot_ensure_writable (OstreeSysroot *self,
+ GError **error)
+{
+ /* Do nothing if no mount namespace is in use */
+ if (!self->mount_namespace_in_use)
+ return TRUE;
+
+ /* If a mount namespace is in use, ensure we're initialized */
+ if (!ostree_sysroot_initialize (self, error))
+ return FALSE;
+
+ /* If we aren't operating on a booted system, then we don't
+ * do anything with mounts.
+ */
+ if (!self->root_is_ostree_booted)
+ return TRUE;
+
+ /* Check if /sysroot is a read-only mountpoint */
+ struct statvfs stvfsbuf;
+ if (statvfs ("/sysroot", &stvfsbuf) < 0)
+ return glnx_throw_errno_prefix (error, "fstatvfs(/sysroot)");
+ if ((stvfsbuf.f_flag & ST_RDONLY) == 0)
+ return TRUE;
+
+ /* OK, let's remount writable. */
+ if (mount ("/sysroot", "/sysroot", NULL, MS_REMOUNT | MS_RELATIME, "") < 0)
+ return glnx_throw_errno_prefix (error, "Remounting /sysroot read-write");
+
+ /* Reopen our fd */
+ glnx_close_fd (&self->sysroot_fd);
+ if (!ensure_sysroot_fd (self, error))
+ return FALSE;
+
+ return TRUE;
+}
+
/**
* ostree_sysroot_get_fd:
* @self: Sysroot
*
- * Access a file descriptor that refers to the root directory of this
- * sysroot. ostree_sysroot_load() must have been invoked prior to
- * calling this function.
+ * Access a file descriptor that refers to the root directory of this sysroot.
+ * ostree_sysroot_initialize() (or ostree_sysroot_load()) must have been invoked
+ * prior to calling this function.
*
* Returns: A file descriptor valid for the lifetime of @self
*/
@@ -268,6 +334,22 @@ ostree_sysroot_get_fd (OstreeSysroot *self)
return self->sysroot_fd;
}
+/**
+ * ostree_sysroot_is_booted:
+ * @self: Sysroot
+ *
+ * Can only be invoked after `ostree_sysroot_initialize()`.
+ *
+ * Returns: %TRUE iff the sysroot points to a booted deployment
+ * Since: 2020.1
+ */
+gboolean
+ostree_sysroot_is_booted (OstreeSysroot *self)
+{
+ g_return_val_if_fail (self->loadstate >= OSTREE_SYSROOT_LOAD_STATE_INIT, FALSE);
+ return self->root_is_ostree_booted;
+}
+
gboolean
_ostree_sysroot_bump_mtime (OstreeSysroot *self,
GError **error)
@@ -798,6 +880,57 @@ ensure_repo (OstreeSysroot *self,
return TRUE;
}
+/**
+ * ostree_sysroot_initialize:
+ * @self: sysroot
+ *
+ * Subset of ostree_sysroot_load(); performs basic initialization. Notably, one
+ * can invoke `ostree_sysroot_get_fd()` after calling this function.
+ *
+ * It is not necessary to call this function if ostree_sysroot_load() is
+ * invoked.
+ *
+ * Since: 2020.1
+ */
+gboolean
+ostree_sysroot_initialize (OstreeSysroot *self,
+ GError **error)
+{
+ if (!ensure_sysroot_fd (self, error))
+ return FALSE;
+
+ if (self->loadstate < OSTREE_SYSROOT_LOAD_STATE_INIT)
+ {
+ /* Gather some global state; first if we have the global ostree-booted flag;
+ * we'll use it to sanity check that we found a booted deployment for example.
+ * Second, we also find out whether sysroot == /.
+ */
+ if (!glnx_fstatat_allow_noent (AT_FDCWD, "/run/ostree-booted", NULL, 0, error))
+ return FALSE;
+ const gboolean ostree_booted = (errno == 0);
+
+ { struct stat root_stbuf;
+ if (!glnx_fstatat (AT_FDCWD, "/", &root_stbuf, 0, error))
+ return FALSE;
+ self->root_device = root_stbuf.st_dev;
+ self->root_inode = root_stbuf.st_ino;
+ }
+
+ struct stat self_stbuf;
+ if (!glnx_fstatat (AT_FDCWD, gs_file_get_path_cached (self->path), &self_stbuf, 0, error))
+ return FALSE;
+
+ const gboolean root_is_sysroot =
+ (self->root_device == self_stbuf.st_dev &&
+ self->root_inode == self_stbuf.st_ino);
+
+ self->root_is_ostree_booted = (ostree_booted && root_is_sysroot);
+ self->loadstate = OSTREE_SYSROOT_LOAD_STATE_INIT;
+ }
+
+ return TRUE;
+}
+
/* Reload the staged deployment from the file in /run */
gboolean
_ostree_sysroot_reload_staged (OstreeSysroot *self,
@@ -870,7 +1003,7 @@ ostree_sysroot_load_if_changed (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
- if (!ensure_sysroot_fd (self, error))
+ if (!ostree_sysroot_initialize (self, error))
return FALSE;
/* Here we also lazily initialize the repository. We didn't do this
@@ -880,34 +1013,6 @@ ostree_sysroot_load_if_changed (OstreeSysroot *self,
if (!ensure_repo (self, error))
return FALSE;
- /* Gather some global state; first if we have the global ostree-booted flag;
- * we'll use it to sanity check that we found a booted deployment for example.
- * Second, we also find out whether sysroot == /.
- */
- if (!self->loaded)
- {
- if (!glnx_fstatat_allow_noent (AT_FDCWD, "/run/ostree-booted", NULL, 0, error))
- return FALSE;
- const gboolean ostree_booted = (errno == 0);
-
- { struct stat root_stbuf;
- if (!glnx_fstatat (AT_FDCWD, "/", &root_stbuf, 0, error))
- return FALSE;
- self->root_device = root_stbuf.st_dev;
- self->root_inode = root_stbuf.st_ino;
- }
-
- struct stat self_stbuf;
- if (!glnx_fstat (self->sysroot_fd, &self_stbuf, error))
- return FALSE;
-
- const gboolean root_is_sysroot =
- (self->root_device == self_stbuf.st_dev &&
- self->root_inode == self_stbuf.st_ino);
-
- self->root_is_ostree_booted = (ostree_booted && root_is_sysroot);
- }
-
int bootversion = 0;
if (!read_current_bootversion (self, &bootversion, cancellable, error))
return FALSE;
@@ -990,8 +1095,8 @@ ostree_sysroot_load_if_changed (OstreeSysroot *self,
ostree_deployment_set_index (deployment, i);
}
- /* Determine whether we're "physical" or not, the first time we initialize */
- if (!self->loaded)
+ /* Determine whether we're "physical" or not, the first time we load deployments */
+ if (self->loadstate < OSTREE_SYSROOT_LOAD_STATE_LOADED)
{
/* If we have a booted deployment, the sysroot is / and we're definitely
* not physical.
@@ -1009,13 +1114,14 @@ ostree_sysroot_load_if_changed (OstreeSysroot *self,
self->is_physical = TRUE;
}
/* Otherwise, the default is FALSE */
+
+ self->loadstate = OSTREE_SYSROOT_LOAD_STATE_LOADED;
}
self->bootversion = bootversion;
self->subbootversion = subbootversion;
self->deployments = deployments;
deployments = NULL; /* Transfer ownership */
- self->loaded = TRUE;
self->loaded_ts = stbuf.st_mtim;
if (out_changed)
@@ -1044,7 +1150,7 @@ ostree_sysroot_get_subbootversion (OstreeSysroot *self)
OstreeDeployment *
ostree_sysroot_get_booted_deployment (OstreeSysroot *self)
{
- g_return_val_if_fail (self->loaded, NULL);
+ g_return_val_if_fail (self->loadstate == OSTREE_SYSROOT_LOAD_STATE_LOADED, NULL);
return self->booted_deployment;
}
@@ -1060,7 +1166,7 @@ ostree_sysroot_get_booted_deployment (OstreeSysroot *self)
OstreeDeployment *
ostree_sysroot_get_staged_deployment (OstreeSysroot *self)
{
- g_return_val_if_fail (self->loaded, NULL);
+ g_return_val_if_fail (self->loadstate == OSTREE_SYSROOT_LOAD_STATE_LOADED, NULL);
return self->staged_deployment;
}
@@ -1074,7 +1180,7 @@ ostree_sysroot_get_staged_deployment (OstreeSysroot *self)
GPtrArray *
ostree_sysroot_get_deployments (OstreeSysroot *self)
{
- g_return_val_if_fail (self->loaded, NULL);
+ g_return_val_if_fail (self->loadstate == OSTREE_SYSROOT_LOAD_STATE_LOADED, NULL);
GPtrArray *copy = g_ptr_array_new_with_free_func ((GDestroyNotify)g_object_unref);
for (guint i = 0; i < self->deployments->len; i++)
@@ -1163,8 +1269,8 @@ ostree_sysroot_get_repo (OstreeSysroot *self,
* @self: Sysroot
*
* This function is a variant of ostree_sysroot_get_repo() that cannot fail, and
- * returns a cached repository. Can only be called after ostree_sysroot_load()
- * has been invoked successfully.
+ * returns a cached repository. Can only be called after ostree_sysroot_initialize()
+ * or ostree_sysroot_load() has been invoked successfully.
*
* Returns: (transfer none): The OSTree repository in sysroot @self.
*
@@ -1173,7 +1279,7 @@ ostree_sysroot_get_repo (OstreeSysroot *self,
OstreeRepo *
ostree_sysroot_repo (OstreeSysroot *self)
{
- g_return_val_if_fail (self->loaded, NULL);
+ g_return_val_if_fail (self->loadstate >= OSTREE_SYSROOT_LOAD_STATE_LOADED, NULL);
g_assert (self->repo);
return self->repo;
}
@@ -1368,6 +1474,10 @@ ostree_sysroot_lock (OstreeSysroot *self,
{
if (!ensure_sysroot_fd (self, error))
return FALSE;
+
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
return glnx_make_lock_file (self->sysroot_fd, OSTREE_SYSROOT_LOCKFILE,
LOCK_EX, &self->lock, error);
}
@@ -1391,12 +1501,14 @@ ostree_sysroot_try_lock (OstreeSysroot *self,
gboolean *out_acquired,
GError **error)
{
- g_autoptr(GError) local_error = NULL;
-
if (!ensure_sysroot_fd (self, error))
return FALSE;
+ if (!_ostree_sysroot_ensure_writable (self, error))
+ return FALSE;
+
/* Note use of LOCK_NB */
+ g_autoptr(GError) local_error = NULL;
if (!glnx_make_lock_file (self->sysroot_fd, OSTREE_SYSROOT_LOCKFILE,
LOCK_EX | LOCK_NB, &self->lock, &local_error))
{
@@ -1509,7 +1621,7 @@ ostree_sysroot_init_osname (OstreeSysroot *self,
GCancellable *cancellable,
GError **error)
{
- if (!ensure_sysroot_fd (self, error))
+ if (!_ostree_sysroot_ensure_writable (self, error))
return FALSE;
const char *deploydir = glnx_strjoina ("ostree/deploy/", osname);
diff --git a/src/libostree/ostree-sysroot.h b/src/libostree/ostree-sysroot.h
index 502cd750..af8192fc 100644
--- a/src/libostree/ostree-sysroot.h
+++ b/src/libostree/ostree-sysroot.h
@@ -41,12 +41,22 @@ OstreeSysroot* ostree_sysroot_new (GFile *path);
_OSTREE_PUBLIC
OstreeSysroot* ostree_sysroot_new_default (void);
+_OSTREE_PUBLIC
+void ostree_sysroot_set_mount_namespace_in_use (OstreeSysroot *self);
+
_OSTREE_PUBLIC
GFile *ostree_sysroot_get_path (OstreeSysroot *self);
+_OSTREE_PUBLIC
+gboolean ostree_sysroot_is_booted (OstreeSysroot *self);
+
_OSTREE_PUBLIC
int ostree_sysroot_get_fd (OstreeSysroot *self);
+_OSTREE_PUBLIC
+gboolean ostree_sysroot_initialize (OstreeSysroot *self,
+ GError **error);
+
_OSTREE_PUBLIC
gboolean ostree_sysroot_load (OstreeSysroot *self,
GCancellable *cancellable,
@@ -90,6 +100,10 @@ GFile * ostree_sysroot_get_deployment_origin_path (GFile *deployment_path);
_OSTREE_PUBLIC
gboolean ostree_sysroot_lock (OstreeSysroot *self, GError **error);
+
+_OSTREE_PUBLIC
+gboolean ostree_sysroot_lock_with_mount_namespace (OstreeSysroot *self, GError **error);
+
_OSTREE_PUBLIC
gboolean ostree_sysroot_try_lock (OstreeSysroot *self,
gboolean *out_acquired,
diff --git a/src/libostree/ostree-version.h b/src/libostree/ostree-version.h
index e828c885..be52a9d9 100644
--- a/src/libostree/ostree-version.h
+++ b/src/libostree/ostree-version.h
@@ -34,7 +34,7 @@
*
* Since: 2017.4
*/
-#define OSTREE_YEAR_VERSION (2019)
+#define OSTREE_YEAR_VERSION (2020)
/**
* OSTREE_RELEASE_VERSION:
@@ -43,7 +43,7 @@
*
* Since: 2017.4
*/
-#define OSTREE_RELEASE_VERSION (6)
+#define OSTREE_RELEASE_VERSION (2)
/**
* OSTREE_VERSION
@@ -52,7 +52,7 @@
*
* Since: 2017.4
*/
-#define OSTREE_VERSION (2019.6)
+#define OSTREE_VERSION (2020.2)
/**
* OSTREE_VERSION_S:
@@ -62,7 +62,7 @@
*
* Since: 2017.4
*/
-#define OSTREE_VERSION_S "2019.6"
+#define OSTREE_VERSION_S "2020.2"
#define OSTREE_ENCODE_VERSION(year,release) \
((year) << 16 | (release))
@@ -100,4 +100,4 @@
*
* Since: 2019.3
*/
-#define OSTREE_BUILT_FEATURES "libcurl libsoup gpgme libarchive selinux openssl libmount release p2p"
+#define OSTREE_BUILT_FEATURES "libcurl libsoup gpgme ex-fsverity libarchive selinux openssl libmount systemd release p2p"
diff --git a/src/ostree/ostree-trivial-httpd.c b/src/ostree/ostree-trivial-httpd.c
index 5d3a004e..a38abbea 100644
--- a/src/ostree/ostree-trivial-httpd.c
+++ b/src/ostree/ostree-trivial-httpd.c
@@ -494,6 +494,7 @@ on_dir_changed (GFileMonitor *mon,
if (event == G_FILE_MONITOR_EVENT_DELETED)
{
+ httpd_log (self, "root directory removed, exiting\n");
self->running = FALSE;
g_main_context_wakeup (NULL);
}
@@ -507,6 +508,7 @@ run (int argc, char **argv, GCancellable *cancellable, GError **error)
const char *dirpath;
OtTrivialHttpd appstruct = { 0, };
OtTrivialHttpd *app = &appstruct;
+ int pipefd[2] = { -1, -1 };
glnx_unref_object SoupServer *server = NULL;
g_autoptr(GFileMonitor) dirmon = NULL;
@@ -540,17 +542,86 @@ run (int argc, char **argv, GCancellable *cancellable, GError **error)
goto out;
}
+ if (opt_daemonize && (g_strcmp0 (opt_log, "-") == 0))
+ {
+ ot_util_usage_error (context, "Cannot use --log-file=- and --daemonize at the same time", error);
+ goto out;
+ }
+
+ /* Fork early before glib sets up its worker context and thread since they'll
+ * be gone once the parent exits. The parent waits on a pipe with the child to
+ * handle setup errors. The child writes a 0 when setup is successful and a 1
+ * otherwise.
+ */
+ if (opt_daemonize)
+ {
+ if (pipe (pipefd) == -1)
+ {
+ glnx_set_error_from_errno (error);
+ goto out;
+ }
+
+ pid_t pid = fork();
+ if (pid == -1)
+ {
+ glnx_set_error_from_errno (error);
+ goto out;
+ }
+ else if (pid > 0)
+ {
+ /* Parent, read the child status from the pipe */
+ glnx_close_fd (&pipefd[1]);
+ guint8 buf;
+ int res = TEMP_FAILURE_RETRY (read (pipefd[0], &buf, 1));
+ if (res < 0)
+ {
+ glnx_set_error_from_errno (error);
+ goto out;
+ }
+ else if (res == 0)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Child process closed pipe without writing status");
+ goto out;
+ }
+
+ g_debug ("Read %u from child", buf);
+ if (buf > 0)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
+ "Child process failed during setup");
+ goto out;
+ }
+ glnx_close_fd (&pipefd[0]);
+
+ ret = TRUE;
+ goto out;
+ }
+
+ /* Child, continue */
+ glnx_close_fd (&pipefd[0]);
+ }
+ else
+ {
+ /* Since we're used for testing purposes, let's just do this by
+ * default. This ensures we exit when our parent does.
+ */
+ if (prctl (PR_SET_PDEATHSIG, SIGTERM) != 0)
+ {
+ if (errno != ENOSYS)
+ {
+ glnx_set_error_from_errno (error);
+ goto out;
+ }
+ }
+ }
+
if (opt_log)
{
GOutputStream *stream = NULL;
if (g_strcmp0 (opt_log, "-") == 0)
{
- if (opt_daemonize)
- {
- ot_util_usage_error (context, "Cannot use --log-file=- and --daemonize at the same time", error);
- goto out;
- }
stream = G_OUTPUT_STREAM (g_unix_output_stream_new (STDOUT_FILENO, FALSE));
}
else
@@ -625,45 +696,39 @@ run (int argc, char **argv, GCancellable *cancellable, GError **error)
#if !SOUP_CHECK_VERSION(2, 48, 0)
soup_server_run_async (server);
#endif
-
+
if (opt_daemonize)
{
- pid_t pid = fork();
- if (pid == -1)
+ /* Write back a 0 to the pipe to indicate setup was successful. */
+ guint8 buf = 0;
+ g_debug ("Writing %u to parent", buf);
+ if (TEMP_FAILURE_RETRY (write (pipefd[1], &buf, 1)) == -1)
{
- int errsv = errno;
- g_set_error_literal (error, G_IO_ERROR, g_io_error_from_errno (errsv),
- g_strerror (errsv));
+ glnx_set_error_from_errno (error);
goto out;
}
- else if (pid > 0)
- {
- ret = TRUE;
- goto out;
- }
- /* Child, continue */
+ glnx_close_fd (&pipefd[1]);
+
if (setsid () < 0)
- err (1, "setsid");
+ {
+ glnx_set_prefix_error_from_errno (error, "%s", "setsid: ");
+ goto out;
+ }
/* Daemonising: close stdout/stderr so $() et al work on us */
if (freopen("/dev/null", "r", stdin) == NULL)
- err (1, "freopen");
- if (freopen("/dev/null", "w", stdout) == NULL)
- err (1, "freopen");
- if (freopen("/dev/null", "w", stderr) == NULL)
- err (1, "freopen");
- }
- else
- {
- /* Since we're used for testing purposes, let's just do this by
- * default. This ensures we exit when our parent does.
- */
- if (prctl (PR_SET_PDEATHSIG, SIGTERM) != 0)
{
- if (errno != ENOSYS)
- {
- glnx_set_error_from_errno (error);
- goto out;
- }
+ glnx_set_prefix_error_from_errno (error, "%s", "freopen: ");
+ goto out;
+ }
+ if (freopen("/dev/null", "w", stdout) == NULL)
+ {
+ glnx_set_prefix_error_from_errno (error, "%s", "freopen: ");
+ goto out;
+ }
+ if (freopen("/dev/null", "w", stderr) == NULL)
+ {
+ glnx_set_prefix_error_from_errno (error, "%s", "freopen: ");
+ goto out;
}
}
@@ -699,6 +764,21 @@ run (int argc, char **argv, GCancellable *cancellable, GError **error)
ret = TRUE;
out:
+ if (pipefd[0] >= 0)
+ {
+ /* Read end in the parent. This should only be open on errors. */
+ g_assert_false (ret);
+ glnx_close_fd (&pipefd[0]);
+ }
+ if (pipefd[1] >= 0)
+ {
+ /* Write end in the child. This should only be open on errors. */
+ g_assert_false (ret);
+ guint8 buf = 1;
+ g_debug ("Writing %u to parent", buf);
+ (void) TEMP_FAILURE_RETRY (write (pipefd[1], &buf, 1));
+ glnx_close_fd (&pipefd[1]);
+ }
if (app->root_dfd != -1)
(void) close (app->root_dfd);
g_clear_object (&app->log);
diff --git a/src/ostree/ot-admin-builtin-finalize-staged.c b/src/ostree/ot-admin-builtin-finalize-staged.c
index 6740f82a..3cea1bdb 100644
--- a/src/ostree/ot-admin-builtin-finalize-staged.c
+++ b/src/ostree/ot-admin-builtin-finalize-staged.c
@@ -34,6 +34,10 @@
#include "ostree-cmdprivate.h"
#include "ostree.h"
+static GOptionEntry options[] = {
+ { NULL }
+};
+
/* Called by ostree-finalize-staged.service, and in turn
* invokes a cmdprivate function inside the shared library.
*/
@@ -46,11 +50,13 @@ ot_admin_builtin_finalize_staged (int argc, char **argv, OstreeCommandInvocation
if (fstatat (AT_FDCWD, "/run/ostree-booted", &stbuf, 0) < 0)
return TRUE;
- g_autoptr(GFile) sysroot_file = g_file_new_for_path ("/");
- g_autoptr(OstreeSysroot) sysroot = ostree_sysroot_new (sysroot_file);
-
- if (!ostree_sysroot_load (sysroot, cancellable, error))
+ g_autoptr(GOptionContext) context = g_option_context_new ("");
+ g_autoptr(OstreeSysroot) sysroot = NULL;
+ if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
+ invocation, &sysroot, cancellable, error))
return FALSE;
+
if (!ostree_cmd__private__()->ostree_finalize_staged (sysroot, cancellable, error))
return FALSE;
diff --git a/src/ostree/ot-builtin-show.c b/src/ostree/ot-builtin-show.c
index 5091a93c..96e2d4c6 100644
--- a/src/ostree/ot-builtin-show.c
+++ b/src/ostree/ot-builtin-show.c
@@ -33,6 +33,7 @@ static gboolean opt_print_related;
static char* opt_print_variant_type;
static char* opt_print_metadata_key;
static char* opt_print_detached_metadata_key;
+static gboolean opt_print_sizes;
static gboolean opt_raw;
static gboolean opt_no_byteswap;
static char *opt_gpg_homedir;
@@ -48,6 +49,7 @@ static GOptionEntry options[] = {
{ "print-variant-type", 0, 0, G_OPTION_ARG_STRING, &opt_print_variant_type, "Memory map OBJECT (in this case a filename) to the GVariant type string", "TYPE" },
{ "print-metadata-key", 0, 0, G_OPTION_ARG_STRING, &opt_print_metadata_key, "Print string value of metadata key", "KEY" },
{ "print-detached-metadata-key", 0, 0, G_OPTION_ARG_STRING, &opt_print_detached_metadata_key, "Print string value of detached metadata key", "KEY" },
+ { "print-sizes", 0, 0, G_OPTION_ARG_NONE, &opt_print_sizes, "Show the commit size metadata", NULL },
{ "raw", 0, 0, G_OPTION_ARG_NONE, &opt_raw, "Show raw variant data" },
{ "no-byteswap", 'B', 0, G_OPTION_ARG_NONE, &opt_no_byteswap, "Do not automatically convert variant data from big endian" },
{ "gpg-homedir", 0, 0, G_OPTION_ARG_FILENAME, &opt_gpg_homedir, "GPG Homedir to use when looking for keyrings", "HOMEDIR"},
@@ -146,6 +148,65 @@ do_print_metadata_key (OstreeRepo *repo,
return TRUE;
}
+static gboolean
+do_print_sizes (OstreeRepo *repo,
+ const char *rev,
+ GError **error)
+{
+ g_autoptr(GVariant) commit = NULL;
+ if (!ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_COMMIT, rev,
+ &commit, error))
+ {
+ g_prefix_error (error, "Failed to read commit: ");
+ return FALSE;
+ }
+
+ g_autoptr(GPtrArray) sizes = NULL;
+ if (!ostree_commit_get_object_sizes (commit, &sizes, error))
+ return FALSE;
+
+ gint64 new_archived = 0;
+ gint64 new_unpacked = 0;
+ gsize new_objects = 0;
+ gint64 archived = 0;
+ gint64 unpacked = 0;
+ gsize objects = 0;
+ for (guint i = 0; i < sizes->len; i++)
+ {
+ OstreeCommitSizesEntry *entry = sizes->pdata[i];
+
+ archived += entry->archived;
+ unpacked += entry->unpacked;
+ objects++;
+
+ gboolean exists;
+ if (!ostree_repo_has_object (repo, entry->objtype, entry->checksum,
+ &exists, NULL, error))
+ return FALSE;
+
+ if (!exists)
+ {
+ /* Object not in local repo */
+ new_archived += entry->archived;
+ new_unpacked += entry->unpacked;
+ new_objects++;
+ }
+ }
+
+ g_autofree char *new_archived_str = g_format_size (new_archived);
+ g_autofree char *archived_str = g_format_size (archived);
+ g_autofree char *new_unpacked_str = g_format_size (new_unpacked);
+ g_autofree char *unpacked_str = g_format_size (unpacked);
+ g_print ("Compressed size (needed/total): %s/%s\n"
+ "Unpacked size (needed/total): %s/%s\n"
+ "Number of objects (needed/total): %" G_GSIZE_FORMAT "/%" G_GSIZE_FORMAT "\n",
+ new_archived_str, archived_str,
+ new_unpacked_str, unpacked_str,
+ new_objects, objects);
+
+ return TRUE;
+}
+
static gboolean
print_object (OstreeRepo *repo,
OstreeObjectType objtype,
@@ -279,6 +340,14 @@ ostree_builtin_show (int argc, char **argv, OstreeCommandInvocation *invocation,
if (!do_print_variant_generic (G_VARIANT_TYPE (opt_print_variant_type), rev, error))
return FALSE;
}
+ else if (opt_print_sizes)
+ {
+ if (!ostree_repo_resolve_rev (repo, rev, FALSE, &resolved_rev, error))
+ return FALSE;
+
+ if (!do_print_sizes (repo, resolved_rev, error))
+ return FALSE;
+ }
else
{
gboolean found = FALSE;
diff --git a/src/ostree/ot-main.c b/src/ostree/ot-main.c
index 4b72f399..a044cef2 100644
--- a/src/ostree/ot-main.c
+++ b/src/ostree/ot-main.c
@@ -27,6 +27,7 @@
#include
#include
+#include
#include "ot-main.h"
#include "ostree.h"
@@ -434,10 +435,46 @@ ostree_admin_option_context_parse (GOptionContext *context,
sysroot_path = g_file_new_for_path (opt_sysroot);
g_autoptr(OstreeSysroot) sysroot = ostree_sysroot_new (sysroot_path);
+ if (!ostree_sysroot_initialize (sysroot, error))
+ return FALSE;
g_signal_connect (sysroot, "journal-msg", G_CALLBACK (on_sysroot_journal_msg), NULL);
if ((flags & OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED) == 0)
{
+ /* If we're requested to lock the sysroot, first check if we're operating
+ * on a booted (not physical) sysroot. Then find out if the /sysroot
+ * subdir is a read-only mount point, and if so, create a new mount
+ * namespace and tell the sysroot that we've done so. See the docs for
+ * ostree_sysroot_set_mount_namespace_in_use().
+ *
+ * This is a conservative approach; we could just always
+ * unshare() too.
+ */
+ if (ostree_sysroot_is_booted (sysroot))
+ {
+ int sysroot_fd = ostree_sysroot_get_fd (sysroot);
+ g_assert_cmpint (sysroot_fd, !=, -1);
+
+ glnx_autofd int sysroot_subdir_fd = glnx_opendirat_with_errno (sysroot_fd, "sysroot", TRUE);
+ if (sysroot_subdir_fd < 0)
+ {
+ if (errno != ENOENT)
+ return glnx_throw_errno_prefix (error, "opendirat");
+ }
+ else if (getuid () == 0)
+ {
+ struct statvfs stvfs;
+ if (fstatvfs (sysroot_subdir_fd, &stvfs) < 0)
+ return glnx_throw_errno_prefix (error, "fstatvfs");
+ if (stvfs.f_flag & ST_RDONLY)
+ {
+ if (unshare (CLONE_NEWNS) < 0)
+ return glnx_throw_errno_prefix (error, "preparing writable sysroot: unshare (CLONE_NEWNS)");
+ ostree_sysroot_set_mount_namespace_in_use (sysroot);
+ }
+ }
+ }
+
/* Released when sysroot is finalized, or on process exit */
if (!ot_admin_sysroot_lock (sysroot, error))
return FALSE;
diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c
index 33c46ff4..c25d3fe9 100644
--- a/src/switchroot/ostree-prepare-root.c
+++ b/src/switchroot/ostree-prepare-root.c
@@ -29,6 +29,28 @@
* Boston, MA 02111-1307, USA.
*/
+/* The high level goal of ostree-prepare-root.service is to run inside
+ * the initial ram disk (if one is in use) and set up the `/` mountpoint
+ * to be the deployment root, using the ostree= kernel commandline
+ * argument to find the target deployment root.
+ *
+ * It's really the heart of how ostree works - basically multiple
+ * hardlinked chroot() targets are maintained, this one does the equivalent
+ * of chroot().
+ *
+ * If using systemd, an excellent reference is `man bootup`. This
+ * service runs Before=initrd-root-fs.target. At this point it's
+ * assumed that the block storage and root filesystem are mounted at
+ * /sysroot - i.e. /sysroot points to the *physical* root before
+ * this service runs. After, `/` is the deployment root.
+ *
+ * There is also a secondary mode for this service when an initrd isn't
+ * used - instead the binary must be statically linked (and the kernel
+ * must have mounted the rootfs itself) - then we set things up and
+ * exec the real init directly. This can be popular in embedded
+ * systems to increase bootup speed.
+ */
+
#include "config.h"
#include
diff --git a/src/switchroot/ostree-remount.c b/src/switchroot/ostree-remount.c
index 5e6d23d3..326b104f 100644
--- a/src/switchroot/ostree-remount.c
+++ b/src/switchroot/ostree-remount.c
@@ -26,6 +26,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -37,10 +38,14 @@
#include
#include
+#include
+
#include "ostree-mount-util.h"
+#include "glnx-backport-autocleanups.h"
static void
-do_remount (const char *target)
+do_remount (const char *target,
+ bool writable)
{
struct stat stbuf;
if (lstat (target, &stbuf) < 0)
@@ -54,20 +59,41 @@ do_remount (const char *target)
struct statvfs stvfsbuf;
if (statvfs (target, &stvfsbuf) == -1)
return;
- /* If no read-only flag, skip it */
- if ((stvfsbuf.f_flag & ST_RDONLY) == 0)
+
+ const bool currently_writable = ((stvfsbuf.f_flag & ST_RDONLY) == 0);
+ if (writable == currently_writable)
return;
- /* It's a mounted, read-only fs; remount it */
- if (mount (target, target, NULL, MS_REMOUNT | MS_SILENT, NULL) < 0)
+
+ int mnt_flags = MS_REMOUNT | MS_SILENT;
+ if (!writable)
+ mnt_flags |= MS_RDONLY;
+ if (mount (target, target, NULL, mnt_flags, NULL) < 0)
{
/* Also ignore EINVAL - if the target isn't a mountpoint
* already, then assume things are OK.
*/
- if (errno != EINVAL)
- err (EXIT_FAILURE, "failed to remount %s", target);
+ if (errno != EINVAL)
+ err (EXIT_FAILURE, "failed to remount(%s) %s", writable ? "rw" : "ro", target);
+ else
+ return;
}
- else
- printf ("Remounted: %s\n", target);
+
+ printf ("Remounted %s: %s\n", writable ? "rw" : "ro", target);
+}
+
+static bool
+sysroot_is_configured_ro (void)
+{
+ struct stat stbuf;
+ static const char config_path[] = "/ostree/repo/config";
+ if (stat (config_path, &stbuf) != 0)
+ return false;
+
+ g_autoptr(GKeyFile) keyfile = g_key_file_new ();
+ if (!g_key_file_load_from_file (keyfile, config_path, 0, NULL))
+ return false;
+
+ return g_key_file_get_boolean (keyfile, "sysroot", "readonly", NULL);
}
int
@@ -95,8 +121,38 @@ main(int argc, char *argv[])
exit (EXIT_SUCCESS);
}
- do_remount ("/sysroot");
- do_remount ("/var");
+ /* Query the repository configuration - this is an operating system builder
+ * choice.
+ * */
+ const bool sysroot_readonly = sysroot_is_configured_ro ();
+
+ /* Mount the sysroot read-only if we're configured to do so.
+ * Note we only get here if / is already writable.
+ */
+ do_remount ("/sysroot", !sysroot_readonly);
+
+ if (sysroot_readonly)
+ {
+ /* Now, /etc is not normally a bind mount, but remounting the
+ * sysroot above made it read-only since it's on the same filesystem.
+ * Make it a self-bind mount, so we can then mount it read-write.
+ */
+ if (mount ("/etc", "/etc", NULL, MS_BIND, NULL) < 0)
+ err (EXIT_FAILURE, "failed to make /etc a bind mount");
+ do_remount ("/etc", true);
+ }
+
+ /* If /var was created as as an OSTree default bind mount (instead of being a separate filesystem)
+ * then remounting the root mount read-only also remounted it.
+ * So just like /etc, we need to make it read-write by default.
+ * If it was a separate filesystem, we expect it to be writable anyways,
+ * so it doesn't hurt to remount it if so.
+ *
+ * And if we started out with a writable system root, then we need
+ * to ensure that the /var bind mount created by the systemd generator
+ * is writable too.
+ */
+ do_remount ("/var", true);
exit (EXIT_SUCCESS);
}
diff --git a/tests/gpg-verify-data/README.md b/tests/gpg-verify-data/README.md
index d96fbad5..9ca47581 100644
--- a/tests/gpg-verify-data/README.md
+++ b/tests/gpg-verify-data/README.md
@@ -1,5 +1,7 @@
This is a GPG config directory for use with the OstreeGpgVerifyResult
-test cases. The test data (`lgplv2`) is signed with a variety of valid
-and invalid GPG keys in a detached signature file (`lgplv2.sig`).
+test cases. The test data (`lgpl2`) is signed with a variety of valid
+and invalid GPG keys in a detached signature file (`lgpl2.sig`). In
+addition, each detached signature is available in a separate file
+(`lgpgl2.sig`).
The passphrase for all the keys is `redhat`.
diff --git a/tests/gpg-verify-data/lgpl2.sig0 b/tests/gpg-verify-data/lgpl2.sig0
new file mode 100644
index 00000000..375c650a
Binary files /dev/null and b/tests/gpg-verify-data/lgpl2.sig0 differ
diff --git a/tests/gpg-verify-data/lgpl2.sig1 b/tests/gpg-verify-data/lgpl2.sig1
new file mode 100644
index 00000000..83a6227c
Binary files /dev/null and b/tests/gpg-verify-data/lgpl2.sig1 differ
diff --git a/tests/gpg-verify-data/lgpl2.sig2 b/tests/gpg-verify-data/lgpl2.sig2
new file mode 100644
index 00000000..ad0f420c
Binary files /dev/null and b/tests/gpg-verify-data/lgpl2.sig2 differ
diff --git a/tests/gpg-verify-data/lgpl2.sig3 b/tests/gpg-verify-data/lgpl2.sig3
new file mode 100644
index 00000000..5c17ec6f
Binary files /dev/null and b/tests/gpg-verify-data/lgpl2.sig3 differ
diff --git a/tests/gpg-verify-data/lgpl2.sig4 b/tests/gpg-verify-data/lgpl2.sig4
new file mode 100644
index 00000000..2d3989f6
Binary files /dev/null and b/tests/gpg-verify-data/lgpl2.sig4 differ
diff --git a/tests/gpg-verify-data/trustdb.gpg b/tests/gpg-verify-data/trustdb.gpg
index 3f046fad..91f87170 100644
Binary files a/tests/gpg-verify-data/trustdb.gpg and b/tests/gpg-verify-data/trustdb.gpg differ
diff --git a/tests/gpghome/revocations/key1.rev b/tests/gpghome/revocations/key1.rev
new file mode 100644
index 00000000..b918151e
--- /dev/null
+++ b/tests/gpghome/revocations/key1.rev
@@ -0,0 +1,12 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: This is a revocation certificate
+
+iQE9BCABCgAnFiEEXmXedascUBhi1HY0f8oj2Ecs2voFAl0MvqgJHQBUZXN0aW5n
+AAoJEH/KI9hHLNr6/dQH/iPZjfJgFAc/TIR4xE4kB0yL4zdMqxgV1ef/atQDLEN4
+MBiqIltzb8WyG+cpNfNZgFmqXmCRN+1IAla9piixe76ZwOqcQ6S5MU/8nMcyMsD9
+edg+9sg0DH8SEzejVma3ZLfaJ/6ZpU7c6a4vCPNcRBC7PxAvAc0LnAN6KQYGU7GR
+gv2k/JsGYgvmUAajhVFy0jc4jGkhRBHMDksGGFdYY94RATFF4gWtlUXyRYMTXBCf
+eM3bxEeSMbU7lXCZg9zjoxP6XzJuNW1SLz3zL90GnO19uNh8Pf6pHmkCNTO/L1Ua
+Cc6fb3ubtdqgs6an84U/aod1VcK7BNASqZ2gYUsF2KE=
+=owvo
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/gpghome/revocations/key2.rev b/tests/gpghome/revocations/key2.rev
new file mode 100644
index 00000000..9b8960a2
--- /dev/null
+++ b/tests/gpghome/revocations/key2.rev
@@ -0,0 +1,12 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: This is a revocation certificate
+
+iQE9BCABCgAnFiEEezsQINdEeWh/2yJz2CKM/sqVDUEFAl0Mvs4JHQBUZXN0aW5n
+AAoJENgijP7KlQ1BzH4IAMUoTrW6XraDYq/d/b0qa3sZ1NTBPUXLp4gFaedZwKk/
+AKSUCK05RWRQO3HrSvmhdSUF6/9tFLGpbu7P56ihjAnq2vpzRyeNTEGQ02IzfCpM
+SJup0R6iA7KmjiDutDoEgjhAzxCKbnU71SQ3PmjyaQT1KCBCDJVptcY6HDbo0dRN
+vcjTfjtFqkPgqbHyXwGv3rlm4uctSVfACrOS/fKF4Q9Fs4prsUXjQpGLaTHdxhiL
+pMRCTfZ4DBEMwAY7s9FpMpIh9rdOwE+zkv5CsE0uJVZq0WW5r0CBDCta6Sopt6uk
+pIA+QHL9GPOrG2E3SJxyIBC37Sl40MGAJQ1djmecIGk=
+=0KEe
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/gpghome/revocations/key3.rev b/tests/gpghome/revocations/key3.rev
new file mode 100644
index 00000000..66e238a1
--- /dev/null
+++ b/tests/gpghome/revocations/key3.rev
@@ -0,0 +1,12 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: This is a revocation certificate
+
+iQE9BCABCgAnFiEEfSnPBguCac32O/vdDRX6599ETWcFAl0MvuYJHQBUZXN0aW5n
+AAoJEA0V+uffRE1n/p8H/3mmSK2gtbxJ5sfu1z44ra82fLRAUupJzf53dAvvJCEK
+4RSJFtHYu+hoPVFd9bmToxo2YQWe67MMZW7cHtq9D/a755SYOrty//KpXsGS22W/
+ZGatBjl36zuE6BoR18Q6VAMgVBwovPSlSuCEW+Ro8JZYyA/LbA95AnMprNod6Jw9
+VSsGC39au5rUlhEOHLL1Iw3dl4blxa6tf/roljbXzaN+Qh2/ez7Cy532oocak2FL
+bbblBGrIdfYLAXpLqhnQk2vgEHZ+ZylvStBndpLWwEskXhmaHpW7+WapFhLCUOr+
+arzbc9XQ7ghhF9hSoKiToJqU5PRjaOex85BEDwE5gWY=
+=ykAF
+-----END PGP PUBLIC KEY BLOCK-----
diff --git a/tests/libtest-core.sh b/tests/libtest-core.sh
index 46aafab0..945d2857 100644
--- a/tests/libtest-core.sh
+++ b/tests/libtest-core.sh
@@ -41,7 +41,7 @@ assert_not_reached () {
# If we can't find the locale command assume we have support for C.UTF-8
# (e.g. musl based systems)
if type -p locale >/dev/null; then
- export LC_ALL=$(locale -a | grep -Ee '\.(UTF-8|utf8)' | grep -iEe '^(C|en_US)' | head -1 || true)
+ export LC_ALL=$(locale -a | grep -iEe '^(C|en_US)\.(UTF-8|utf8)$' | head -n1 || true)
if [ -z "${LC_ALL}" ]; then fatal "Can't find suitable UTF-8 locale"; fi
else
export LC_ALL=C.UTF-8
diff --git a/tests/libtest.sh b/tests/libtest.sh
index 3f5fd931..c82bf487 100755
--- a/tests/libtest.sh
+++ b/tests/libtest.sh
@@ -78,16 +78,20 @@ unset TAR_OPTIONS
# easily clean up.
export OSTREE_SYSROOT_DEBUG=mutable-deployments
-export TEST_GPG_KEYID_1="472CDAFA"
-export TEST_GPG_KEYID_2="CA950D41"
-export TEST_GPG_KEYID_3="DF444D67"
+export TEST_GPG_KEYID_1="7FCA23D8472CDAFA"
+export TEST_GPG_KEYFPR_1="5E65DE75AB1C501862D476347FCA23D8472CDAFA"
+export TEST_GPG_KEYID_2="D8228CFECA950D41"
+export TEST_GPG_KEYFPR_2="7B3B1020D74479687FDB2273D8228CFECA950D41"
+export TEST_GPG_KEYID_3="0D15FAE7DF444D67"
+export TEST_GPG_KEYFPR_3="7D29CF060B8269CDF63BFBDD0D15FAE7DF444D67"
-# GPG when creating signatures demands a writable
+# GPG when creating signatures demands a private writable
# homedir in order to create lockfiles. Work around
# this by copying locally.
echo "Copying gpghome to ${test_tmpdir}"
cp -a "${test_srcdir}/gpghome" ${test_tmpdir}
chmod -R u+w "${test_tmpdir}"
+chmod 700 "${test_tmpdir}/gpghome"
export TEST_GPG_KEYHOME=${test_tmpdir}/gpghome
export OSTREE_GPG_HOME=${test_tmpdir}/gpghome/trusted
@@ -559,6 +563,18 @@ skip_without_user_xattrs () {
fi
}
+_have_systemd_and_libmount=''
+have_systemd_and_libmount() {
+ if test "${_have_systemd_and_libmount}" = ''; then
+ if [ $(ostree --version | grep -c -e '- systemd' -e '- libmount') -eq 2 ]; then
+ _have_systemd_and_libmount=yes
+ else
+ _have_systemd_and_libmount=no
+ fi
+ fi
+ test ${_have_systemd_and_libmount} = yes
+}
+
# Skip unless SELinux is disabled, or we can relabel.
# Default Docker has security.selinux xattrs, but returns
# EOPNOTSUPP when trying to set them, even to the existing value.
diff --git a/tests/test-gpg-verify-result.c b/tests/test-gpg-verify-result.c
index 95de1873..5ae129b9 100644
--- a/tests/test-gpg-verify-result.c
+++ b/tests/test-gpg-verify-result.c
@@ -36,6 +36,18 @@
} \
} G_STMT_END
+#define assert_str_contains(s1, s2) \
+ G_STMT_START { \
+ const char *__s1 = (s1), *__s2 = (s2); \
+ if (strstr (__s1, __s2) == NULL) { \
+ g_autoptr(GString) string = g_string_new ("assertion failed (" #s1 " contains " #s2 "): "); \
+ g_autofree char *__es1 = g_strescape (__s1, NULL); \
+ g_autofree char *__es2 = g_strescape (__s2, NULL); \
+ g_string_append_printf (string, "(\"%s\", \"%s\")", __es1, __es2); \
+ g_assertion_message (G_LOG_DOMAIN, __FILE__, __LINE__, G_STRFUNC, string->str); \
+ } \
+ } G_STMT_END
+
typedef struct {
OstreeGpgVerifyResult *result;
} TestFixture;
@@ -53,12 +65,12 @@ static void
test_fixture_setup (TestFixture *fixture,
gconstpointer user_data)
{
+ const char * const *sig_files = user_data;
gpgme_error_t gpg_error;
gpgme_data_t data_buffer;
gpgme_data_t signature_buffer;
OstreeGpgVerifyResult *result;
g_autofree char *homedir = NULL;
- g_autofree char *filename = NULL;
GError *local_error = NULL;
/* Mimic what OstreeGpgVerifier does to create OstreeGpgVerifyResult.
@@ -74,15 +86,47 @@ test_fixture_setup (TestFixture *fixture,
NULL, &local_error, NULL);
g_assert_no_error (local_error);
- filename = g_build_filename (homedir, "lgpl2", NULL);
- gpg_error = gpgme_data_new_from_file (&data_buffer, filename, 1);
- assert_no_gpg_error (gpg_error, filename);
+ g_autofree char *data_filename = g_build_filename (homedir, "lgpl2", NULL);
+ gpg_error = gpgme_data_new_from_file (&data_buffer, data_filename, 1);
+ assert_no_gpg_error (gpg_error, data_filename);
- g_clear_pointer (&filename, g_free);
+ if (sig_files == NULL)
+ {
+ /* No signature files specified, use full lgpl2.sig file */
+ g_autofree char *filename = g_build_filename (homedir, "lgpl2.sig", NULL);
+ gpg_error = gpgme_data_new_from_file (&signature_buffer, filename, 1);
+ assert_no_gpg_error (gpg_error, filename);
+ }
+ else
+ {
+ /* Read all the specified files into the signature buffer */
+ gpg_error = gpgme_data_new (&signature_buffer);
+ assert_no_gpg_error (gpg_error, NULL);
- filename = g_build_filename (homedir, "lgpl2.sig", NULL);
- gpg_error = gpgme_data_new_from_file (&signature_buffer, filename, 1);
- assert_no_gpg_error (gpg_error, filename);
+ for (const char * const *name = sig_files; *name != NULL; name++)
+ {
+ g_autofree char *path = g_build_filename (homedir, *name, NULL);
+ g_autoptr(GFile) sig_file = g_file_new_for_path (path);
+
+ g_autofree char *contents = NULL;
+ gsize len;
+ g_assert_true (g_file_load_contents (sig_file, NULL, &contents,
+ &len, NULL, &local_error));
+ g_assert_no_error (local_error);
+
+ char *cur = contents;
+ while (len > 0)
+ {
+ ssize_t written = gpgme_data_write (signature_buffer, cur, len);
+ if (written == -1)
+ assert_no_gpg_error (gpgme_error_from_syserror (), path);
+ cur += written;
+ len -= written;
+ }
+ }
+
+ gpgme_data_seek (signature_buffer, 0, SEEK_SET);
+ }
gpg_error = gpgme_op_verify (result->context,
signature_buffer, data_buffer, NULL);
@@ -115,7 +159,7 @@ test_check_counts (TestFixture *fixture,
count_valid = ostree_gpg_verify_result_count_valid (fixture->result);
g_assert_cmpint (count_all, ==, 5);
- g_assert_cmpint (count_valid, ==, 2);
+ g_assert_cmpint (count_valid, ==, 1);
}
static void
@@ -123,7 +167,7 @@ test_signature_lookup (TestFixture *fixture,
gconstpointer user_data)
{
/* Checking the signature with the revoked key for this case. */
- guint expected_signature_index = GPOINTER_TO_UINT (user_data);
+ guint expected_signature_index = 2;
/* Lowercase letters to ensure OstreeGpgVerifyResult handles it. */
const char *fingerprint = "68dcc2db4bec5811c2573590bd9d2a44b7f541a6";
@@ -215,7 +259,7 @@ static void
test_valid_signature (TestFixture *fixture,
gconstpointer user_data)
{
- guint signature_index = GPOINTER_TO_UINT (user_data);
+ guint signature_index = 0;
g_autoptr(GVariant) tuple = NULL;
gboolean valid;
gboolean sig_expired;
@@ -249,7 +293,7 @@ static void
test_expired_key (TestFixture *fixture,
gconstpointer user_data)
{
- guint signature_index = GPOINTER_TO_UINT (user_data);
+ guint signature_index = 1;
g_autoptr(GVariant) tuple = NULL;
gboolean valid;
gboolean sig_expired;
@@ -283,7 +327,7 @@ static void
test_revoked_key (TestFixture *fixture,
gconstpointer user_data)
{
- guint signature_index = GPOINTER_TO_UINT (user_data);
+ guint signature_index = 2;
g_autoptr(GVariant) tuple = NULL;
gboolean valid;
gboolean sig_expired;
@@ -317,7 +361,7 @@ static void
test_missing_key (TestFixture *fixture,
gconstpointer user_data)
{
- guint signature_index = GPOINTER_TO_UINT (user_data);
+ guint signature_index = 3;
g_autoptr(GVariant) tuple = NULL;
gboolean valid;
gboolean sig_expired;
@@ -351,7 +395,7 @@ static void
test_expired_signature (TestFixture *fixture,
gconstpointer user_data)
{
- guint signature_index = GPOINTER_TO_UINT (user_data);
+ guint signature_index = 4;
g_autoptr(GVariant) tuple = NULL;
gboolean valid;
gboolean sig_expired;
@@ -373,7 +417,7 @@ test_expired_signature (TestFixture *fixture,
&key_missing,
&key_exp_timestamp);
- g_assert_true (valid);
+ g_assert_false (valid);
g_assert_true (sig_expired);
g_assert_false (key_expired);
g_assert_false (key_revoked);
@@ -381,6 +425,83 @@ test_expired_signature (TestFixture *fixture,
g_assert_cmpint (key_exp_timestamp, ==, 0);
}
+static void
+test_require_valid_signature (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_true (res);
+ g_assert_no_error (error);
+}
+
+static void
+test_require_valid_signature_expired_key (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_false (res);
+ g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_EXPIRED_KEY);
+ assert_str_contains (error->message, "Key expired");
+}
+
+static void
+test_require_valid_signature_revoked_key (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_false (res);
+ g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_REVOKED_KEY);
+ assert_str_contains (error->message, "Key revoked");
+}
+
+static void
+test_require_valid_signature_missing_key (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_false (res);
+ g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_MISSING_KEY);
+ assert_str_contains (error->message, "public key not found");
+}
+
+static void
+test_require_valid_signature_expired_signature (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_false (res);
+ g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_EXPIRED_SIGNATURE);
+ assert_str_contains (error->message, "Signature expired");
+}
+
+static void
+test_require_valid_signature_expired_missing_key (TestFixture *fixture,
+ gconstpointer user_data)
+{
+ GError *error = NULL;
+ gboolean res = ostree_gpg_verify_result_require_valid_signature (fixture->result,
+ &error);
+ g_assert_false (res);
+
+ /*
+ * The error will be for the last signature, which is for a missing key, but
+ * the message should show both issues.
+ */
+ g_assert_error (error, OSTREE_GPG_ERROR, OSTREE_GPG_ERROR_MISSING_KEY);
+ assert_str_contains (error->message, "Key expired");
+ assert_str_contains (error->message, "public key not found");
+}
+
int
main (int argc, char **argv)
{
@@ -397,7 +518,7 @@ main (int argc, char **argv)
g_test_add ("/gpg-verify-result/signature-lookup",
TestFixture,
- GINT_TO_POINTER (2),
+ NULL,
test_fixture_setup,
test_signature_lookup,
test_fixture_teardown);
@@ -411,38 +532,85 @@ main (int argc, char **argv)
g_test_add ("/gpg-verify-result/valid-signature",
TestFixture,
- GINT_TO_POINTER (0), /* signature index */
+ NULL,
test_fixture_setup,
test_valid_signature,
test_fixture_teardown);
g_test_add ("/gpg-verify-result/expired-key",
TestFixture,
- GINT_TO_POINTER (1), /* signature index */
+ NULL,
test_fixture_setup,
test_expired_key,
test_fixture_teardown);
g_test_add ("/gpg-verify-result/revoked-key",
TestFixture,
- GINT_TO_POINTER (2), /* signature index */
+ NULL,
test_fixture_setup,
test_revoked_key,
test_fixture_teardown);
g_test_add ("/gpg-verify-result/missing-key",
TestFixture,
- GINT_TO_POINTER (3), /* signature index */
+ NULL,
test_fixture_setup,
test_missing_key,
test_fixture_teardown);
g_test_add ("/gpg-verify-result/expired-signature",
TestFixture,
- GINT_TO_POINTER (4), /* signature index */
+ NULL,
test_fixture_setup,
test_expired_signature,
test_fixture_teardown);
+ g_test_add ("/gpg-verify-result/require-valid-signature",
+ TestFixture,
+ NULL,
+ test_fixture_setup,
+ test_require_valid_signature,
+ test_fixture_teardown);
+
+ const char *expired_key_files[] = { "lgpl2.sig1", NULL };
+ g_test_add ("/gpg-verify-result/require-valid-signature-expired-key",
+ TestFixture,
+ expired_key_files,
+ test_fixture_setup,
+ test_require_valid_signature_expired_key,
+ test_fixture_teardown);
+
+ const char *revoked_key_files[] = { "lgpl2.sig2", NULL };
+ g_test_add ("/gpg-verify-result/require-valid-signature-revoked-key",
+ TestFixture,
+ revoked_key_files,
+ test_fixture_setup,
+ test_require_valid_signature_revoked_key,
+ test_fixture_teardown);
+
+ const char *missing_key_files[] = { "lgpl2.sig3", NULL };
+ g_test_add ("/gpg-verify-result/require-valid-signature-missing-key",
+ TestFixture,
+ missing_key_files,
+ test_fixture_setup,
+ test_require_valid_signature_missing_key,
+ test_fixture_teardown);
+
+ const char *expired_signature_files[] = { "lgpl2.sig4", NULL };
+ g_test_add ("/gpg-verify-result/require-valid-signature-expired-signature",
+ TestFixture,
+ expired_signature_files,
+ test_fixture_setup,
+ test_require_valid_signature_expired_signature,
+ test_fixture_teardown);
+
+ const char *expired_missing_key_files[] = { "lgpl2.sig1", "lgpl2.sig3", NULL };
+ g_test_add ("/gpg-verify-result/require-valid-signature-expired-missing-key",
+ TestFixture,
+ expired_missing_key_files,
+ test_fixture_setup,
+ test_require_valid_signature_expired_missing_key,
+ test_fixture_teardown);
+
return g_test_run ();
}
diff --git a/tests/test-libarchive-import.c b/tests/test-libarchive-import.c
index 70e221d1..d3429cd6 100644
--- a/tests/test-libarchive-import.c
+++ b/tests/test-libarchive-import.c
@@ -544,6 +544,12 @@ test_libarchive_selinux (gconstpointer data)
if (skip_if_no_xattr (td))
goto out;
+ if (getenv ("container"))
+ {
+ // FIXME dedup this with libtest.sh have_selinux_relabel
+ g_test_skip ("skip in containers for now");
+ goto out;
+ }
if (td->skip_all != NULL)
{
diff --git a/tests/test-libarchive.sh b/tests/test-libarchive.sh
index 24de55b2..174be800 100755
--- a/tests/test-libarchive.sh
+++ b/tests/test-libarchive.sh
@@ -28,7 +28,7 @@ fi
. $(dirname $0)/libtest.sh
-echo "1..17"
+echo "1..18"
setup_test_repository "bare"
@@ -234,3 +234,17 @@ for filter in '^usr/bin/,usr/sbin/' '/bin/,/sbin/'; do
assert_file_has_content usr/lib/libfoo.so 'a library'
echo "ok tar pathname filter modification: ${filter}"
done
+
+# Test sizes metadata. This needs an archive repo, so a separate repo is used.
+cd ${test_tmpdir}
+rm -rf repo2
+ostree_repo_init repo2 --mode=archive
+${CMD_PREFIX} ostree --repo=repo2 commit \
+ -s "from tar" -b test-tar \
+ --generate-sizes \
+ --tree=tar=foo.tar.gz
+${CMD_PREFIX} ostree --repo=repo2 show --print-sizes test-tar > sizes.txt
+assert_file_has_content sizes.txt 'Compressed size (needed/total): 0[ ]bytes/1.1[ ]kB'
+assert_file_has_content sizes.txt 'Unpacked size (needed/total): 0[ ]bytes/900[ ]bytes'
+assert_file_has_content sizes.txt 'Number of objects (needed/total): 0/12'
+echo "ok tar sizes metadata"
diff --git a/tests/test-pull-sizes.sh b/tests/test-pull-sizes.sh
new file mode 100755
index 00000000..8ee07cc8
--- /dev/null
+++ b/tests/test-pull-sizes.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+#
+# Copyright (C) 2019 Endless Mobile, Inc.
+#
+# SPDX-License-Identifier: LGPL-2.0+
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the
+# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+set -euo pipefail
+
+. $(dirname $0)/libtest.sh
+
+setup_fake_remote_repo1 "archive" "--generate-sizes"
+
+echo '1..3'
+
+cd ${test_tmpdir}
+mkdir repo
+ostree_repo_init repo
+${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin $(cat httpd-address)/ostree/gnomerepo
+
+# Pull commit metadata only. All size and objects will be needed.
+${CMD_PREFIX} ostree --repo=repo pull --commit-metadata-only origin main
+${CMD_PREFIX} ostree --repo=repo show --print-sizes origin:main > show.txt
+assert_file_has_content show.txt 'Compressed size (needed/total): 637[ ]bytes/637[ ]bytes'
+assert_file_has_content show.txt 'Unpacked size (needed/total): 457[ ]bytes/457[ ]bytes'
+assert_file_has_content show.txt 'Number of objects (needed/total): 10/10'
+echo "ok sizes commit metadata only"
+
+# Pull the parent commit so we get most of the objects
+parent=$(${CMD_PREFIX} ostree --repo=repo rev-parse origin:main^)
+${CMD_PREFIX} ostree --repo=repo pull origin ${parent}
+${CMD_PREFIX} ostree --repo=repo show --print-sizes origin:main > show.txt
+assert_file_has_content show.txt 'Compressed size (needed/total): 501[ ]bytes/637[ ]bytes'
+assert_file_has_content show.txt 'Unpacked size (needed/total): 429[ ]bytes/457[ ]bytes'
+assert_file_has_content show.txt 'Number of objects (needed/total): 6/10'
+echo "ok sizes commit partial"
+
+# Finish pulling the commit and check that no objects needed
+${CMD_PREFIX} ostree --repo=repo pull origin main
+${CMD_PREFIX} ostree --repo=repo show --print-sizes origin:main > show.txt
+assert_file_has_content show.txt 'Compressed size (needed/total): 0[ ]bytes/637[ ]bytes'
+assert_file_has_content show.txt 'Unpacked size (needed/total): 0[ ]bytes/457[ ]bytes'
+assert_file_has_content show.txt 'Number of objects (needed/total): 0/10'
+echo "ok sizes commit full"
diff --git a/tests/test-pull-summary-sigs.sh b/tests/test-pull-summary-sigs.sh
index 821ae953..401e88c9 100755
--- a/tests/test-pull-summary-sigs.sh
+++ b/tests/test-pull-summary-sigs.sh
@@ -189,7 +189,7 @@ cp ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig{.2,}
if ${OSTREE} --repo=repo pull origin main 2>err.txt; then
assert_not_reached "Successful pull with old summary"
fi
-assert_file_has_content err.txt "none are in trusted keyring"
+assert_file_has_content err.txt "BAD signature"
assert_has_file repo/tmp/cache/summaries/origin
assert_has_file repo/tmp/cache/summaries/origin.sig
cmp repo/tmp/cache/summaries/origin ${test_tmpdir}/ostree-srv/gnomerepo/summary.1 >&2
diff --git a/tests/test-remote-gpg-import.sh b/tests/test-remote-gpg-import.sh
index 4d73fa11..cf13b499 100755
--- a/tests/test-remote-gpg-import.sh
+++ b/tests/test-remote-gpg-import.sh
@@ -28,7 +28,12 @@ unset OSTREE_GPG_HOME
setup_fake_remote_repo1 "archive"
-echo "1..4"
+# Some tests require an appropriate gpg
+num_non_gpg_tests=4
+num_gpg_tests=2
+num_tests=$((num_non_gpg_tests + num_gpg_tests))
+
+echo "1..${num_tests}"
cd ${test_tmpdir}
mkdir repo
@@ -163,7 +168,7 @@ ${OSTREE} remote add --set=gpgkeypath=${test_tmpdir}/gpghome/key1.asc,${test_tmp
if ${OSTREE} pull R8:main 2>err.txt; then
assert_not_reached "Unexpectedly succeeded at pulling with different key"
fi
-assert_file_has_content err.txt "GPG signatures found, but none are in trusted keyring"
+assert_file_has_content err.txt "public key not found"
# Test gpgkeypath success with directory containing a valid key
${OSTREE} remote add --set=gpgkeypath=${test_tmpdir}/gpghome/ R9 $(cat httpd-address)/ostree/gnomerepo
@@ -243,7 +248,7 @@ ${OSTREE} remote add --set=gpgkeypath=${test_tmpdir}/gpghome/key2.asc R6 $(cat h
if ${OSTREE} pull R6:main 2>err.txt; then
assert_not_reached "Unexpectedly succeeded at pulling with different key"
fi
-assert_file_has_content err.txt "GPG signatures found, but none are in trusted keyring"
+assert_file_has_content err.txt "public key not found"
echo "ok"
@@ -269,7 +274,7 @@ newrev=$(${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo rev-par
if ${OSTREE} pull --require-static-deltas R1:main 2>err.txt; then
assert_not_reached "Unexpectedly succeeded at pulling commit signed with untrusted key"
fi
-assert_file_has_content err.txt "GPG signatures found, but none are in trusted keyring"
+assert_file_has_content err.txt "public key not found"
echo "ok gpg untrusted signed commit for delta upgrades"
@@ -280,3 +285,57 @@ ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo summary -u --gpg
${OSTREE} pull --require-static-deltas R1:main
echo "ok gpg trusted signed commit for delta upgrades"
+
+# Run some more tests if an appropriate gpg is available
+GPG=$(which_gpg)
+if [ -z "${GPG}" ]; then
+ # Print a skip message per skipped test
+ for (( i = 0; i < num_gpg_tests; i++ )); do
+ echo "ok # SKIP this test requires gpg"
+ done
+else
+ # Create a commit signed with keyid 1
+ echo $(date) > workdir/testfile-for-key-mangling
+ ${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main --gpg-sign ${TEST_GPG_KEYID_1} --gpg-homedir ${test_tmpdir}/gpghome workdir
+
+ # Re-add the remote
+ ${OSTREE} remote delete R1
+ ${OSTREE} remote add --gpg-import ${test_tmpdir}/gpghome/key1.asc R1 $(cat httpd-address)/ostree/gnomerepo | grep -o 'Imported [[:digit:]] GPG key' > result
+ assert_file_has_content result 'Imported 1 GPG key'
+
+ # Expire key 1, wait for it to be expired and import the expired key. Only
+ # new keys are reported.
+ ${GPG} --homedir=${test_tmpdir}/gpghome --quick-set-expire ${TEST_GPG_KEYFPR_1} seconds=1
+ sleep 2
+ ${GPG} --homedir=${test_tmpdir}/gpghome --armor --export ${TEST_GPG_KEYID_1} > ${test_tmpdir}/key1expired.asc
+ ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/key1expired.asc R1 | grep -o 'Imported [[:digit:]] GPG key' > result
+ assert_file_has_content result 'Imported 0 GPG key'
+
+ # Pulling should fail since the key is expired
+ rm repo/refs/remotes/* -rf
+ ${OSTREE} prune --refs-only
+ if ${OSTREE} pull R1:main 2>err.txt; then
+ assert_not_reached "Unexpectedly succeeded at pulling commit signed with expired key"
+ fi
+ assert_file_has_content err.txt "Key expired"
+
+ echo "ok imported expired key"
+
+ # Unexpire keyid 1 and revoke it. Revoking is done by importing the
+ # pre-generated revocation certificate.
+ ${GPG} --homedir=${test_tmpdir}/gpghome --quick-set-expire ${TEST_GPG_KEYFPR_1} seconds=0
+ ${GPG} --homedir=${TEST_GPG_KEYHOME} --import ${TEST_GPG_KEYHOME}/revocations/key1.rev
+ ${GPG} --homedir=${test_tmpdir}/gpghome --armor --export ${TEST_GPG_KEYID_1} > ${test_tmpdir}/key1revoked.asc
+ ${OSTREE} remote gpg-import --keyring ${test_tmpdir}/key1revoked.asc R1 | grep -o 'Imported [[:digit:]] GPG key' > result
+ assert_file_has_content result 'Imported 0 GPG key'
+
+ # Pulling should fail since the key is revoked
+ rm repo/refs/remotes/* -rf
+ ${OSTREE} prune --refs-only
+ if ${OSTREE} pull R1:main 2>err.txt; then
+ assert_not_reached "Unexpectedly succeeded at pulling commit signed with revoked key"
+ fi
+ assert_file_has_content err.txt "Key revoked"
+
+ echo "ok imported revoked key"
+fi
diff --git a/tests/test-sizes.js b/tests/test-sizes.js
index 73b179c5..a2246536 100755
--- a/tests/test-sizes.js
+++ b/tests/test-sizes.js
@@ -28,11 +28,110 @@ function assertEquals(a, b) {
throw new Error("assertion failed " + JSON.stringify(a) + " == " + JSON.stringify(b));
}
-print('1..1')
+function assertGreater(a, b) {
+ if (a <= b)
+ throw new Error("assertion failed " + JSON.stringify(a) + " > " + JSON.stringify(b));
+}
+
+function assertGreaterEquals(a, b) {
+ if (a < b)
+ throw new Error("assertion failed " + JSON.stringify(a) + " >= " + JSON.stringify(b));
+}
+
+// Adapted from _ostree_read_varuint64()
+function readVarint(buffer) {
+ let result = 0;
+ let count = 0;
+ let len = buffer.length;
+ let cur;
+
+ do {
+ assertGreater(len, 0);
+ cur = buffer[count];
+ result = result | ((cur & 0x7F) << (7 * count));
+ count++;
+ len--;
+ } while (cur & 0x80);
+
+ return [result, count];
+}
+
+// There have been various bugs with byte array unpacking in GJS, so
+// just do it manually.
+function unpackByteArray(variant) {
+ let array = [];
+ let nBytes = variant.n_children();
+ for (let i = 0; i < nBytes; i++) {
+ array.push(variant.get_child_value(i).get_byte());
+ }
+ return array;
+}
+
+function validateSizes(repo, commit, expectedObjects) {
+ let [,commitVariant] = repo.load_variant(OSTree.ObjectType.COMMIT, commit);
+ let metadata = commitVariant.get_child_value(0);
+ let sizes = metadata.lookup_value('ostree.sizes', GLib.VariantType.new('aay'));
+ let nObjects = sizes.n_children();
+ let expectedNObjects = Object.keys(expectedObjects).length
+ assertEquals(nObjects, expectedNObjects);
+
+ for (let i = 0; i < nObjects; i++) {
+ let sizeEntry = sizes.get_child_value(i);
+ assertGreaterEquals(sizeEntry.n_children(), 34);
+ let entryBytes = unpackByteArray(sizeEntry);
+ let checksumBytes = entryBytes.slice(0, 32);
+ let checksumString = OSTree.checksum_from_bytes(checksumBytes);
+ print("checksum = " + checksumString);
+
+ // Read the sizes from the next 2 varints
+ let remainingBytes = entryBytes.slice(32);
+ assertGreaterEquals(remainingBytes.length, 2);
+ let varintRead;
+ let compressedSize;
+ let uncompressedSize;
+ [compressedSize, varintRead] = readVarint(remainingBytes);
+ remainingBytes = remainingBytes.slice(varintRead);
+ assertGreaterEquals(remainingBytes.length, 1);
+ [uncompressedSize, varintRead] = readVarint(remainingBytes);
+ remainingBytes = remainingBytes.slice(varintRead);
+ assertEquals(remainingBytes.length, 1);
+ let objectType = remainingBytes[0];
+ let objectTypeString = OSTree.object_type_to_string(objectType);
+ print("compressed = " + compressedSize);
+ print("uncompressed = " + uncompressedSize);
+ print("objtype = " + objectTypeString + " (" + objectType + ")");
+ let objectName = OSTree.object_to_string(checksumString, objectType);
+ print("object = " + objectName);
+
+ if (!(objectName in expectedObjects)) {
+ throw new Error("Object " + objectName + " not in " +
+ JSON.stringify(expectedObjects));
+ }
+ let expectedSizes = expectedObjects[objectName];
+ let expectedCompressedSize = expectedSizes[0];
+ let expectedUncompressedSize = expectedSizes[1];
+ if (compressedSize != expectedCompressedSize) {
+ throw new Error("Compressed size " + compressedSize +
+ " for checksum " + checksumString +
+ " does not match expected " + expectedCompressedSize);
+ }
+ if (uncompressedSize != expectedUncompressedSize) {
+ throw new Error("Uncompressed size " + uncompressedSize +
+ " for checksum " + checksumString +
+ " does not match expected " + expectedUncompressedSize);
+ }
+ }
+}
+
+print('1..3')
let testDataDir = Gio.File.new_for_path('test-data');
testDataDir.make_directory(null);
testDataDir.get_child('some-file').replace_contents("hello world!", null, false, 0, null);
+testDataDir.get_child('some-file').copy(testDataDir.get_child('duplicate-file'),
+ Gio.FileCopyFlags.OVERWRITE,
+ null, null);
+testDataDir.get_child('link-file').make_symbolic_link('some-file', null);
testDataDir.get_child('another-file').replace_contents("hello world again!", null, false, 0, null);
let repoPath = Gio.File.new_for_path('repo');
@@ -41,7 +140,10 @@ repo.create(OSTree.RepoMode.ARCHIVE_Z2, null);
repo.open(null);
-let commitModifier = OSTree.RepoCommitModifier.new(OSTree.RepoCommitModifierFlags.GENERATE_SIZES, null);
+let commitModifierFlags = (OSTree.RepoCommitModifierFlags.GENERATE_SIZES |
+ OSTree.RepoCommitModifierFlags.SKIP_XATTRS |
+ OSTree.RepoCommitModifierFlags.CANONICAL_PERMISSIONS);
+let commitModifier = OSTree.RepoCommitModifier.new(commitModifierFlags, null);
assertEquals(repo.get_mode(), OSTree.RepoMode.ARCHIVE_Z2);
@@ -55,32 +157,61 @@ print("commit => " + commit);
repo.commit_transaction(null);
-// Test the sizes metadata
-let [,commitVariant] = repo.load_variant(OSTree.ObjectType.COMMIT, commit);
-let metadata = commitVariant.get_child_value(0);
-let sizes = metadata.lookup_value('ostree.sizes', GLib.VariantType.new('aay'));
-let nSizes = sizes.n_children();
-assertEquals(nSizes, 2);
-let expectedUncompressedSizes = [12, 18];
-let foundExpectedUncompressedSizes = 0;
-for (let i = 0; i < nSizes; i++) {
- let sizeEntry = sizes.get_child_value(i);
- assertEquals(sizeEntry.n_children(), 34);
- let compressedSize = sizeEntry.get_child_value(32).get_byte();
- let uncompressedSize = sizeEntry.get_child_value(33).get_byte();
- print("compressed = " + compressedSize);
- print("uncompressed = " + uncompressedSize);
- for (let j = 0; j < expectedUncompressedSizes.length; j++) {
- let expected = expectedUncompressedSizes[j];
- if (expected == uncompressedSize) {
- print("Matched expected uncompressed size " + expected);
- expectedUncompressedSizes.splice(j, 1);
- break;
- }
- }
-}
-if (expectedUncompressedSizes.length > 0) {
- throw new Error("Failed to match expectedUncompressedSizes: " + JSON.stringify(expectedUncompressedSizes));
-}
+// Test the sizes metadata. The key is the object and the value is an
+// array of compressed size and uncompressed size.
+let expectedObjects = {
+ 'f5ee222a21e2c96edbd6f2543c4bc8a039f827be3823d04777c9ee187778f1ad.file': [
+ 54, 18
+ ],
+ 'd35bfc50864fca777dbeead3ba3689115b76674a093210316589b1fe5cc3ff4b.file': [
+ 48, 12
+ ],
+ '8322876a078e79d8c960b8b4658fe77e7b2f878f8a6cf89dbb87c6becc8128a0.file': [
+ 43, 9
+ ],
+ '1c77033ca06eae77ed99cb26472969964314ffd5b4e4c0fd3ff6ec4265c86e51.dirtree': [
+ 185, 185
+ ],
+ '446a0ef11b7cc167f3b603e585c7eeeeb675faa412d5ec73f62988eb0b6c5488.dirmeta': [
+ 12, 12
+ ],
+};
+validateSizes(repo, commit, expectedObjects);
print("ok test-sizes");
+
+// Remove a file to make sure that metadata is not reused from the
+// previous commit. Remove that file from the expected metadata and
+// replace the dirtree object.
+testDataDir.get_child('another-file').delete(null);
+delete expectedObjects['f5ee222a21e2c96edbd6f2543c4bc8a039f827be3823d04777c9ee187778f1ad.file'];
+delete expectedObjects['1c77033ca06eae77ed99cb26472969964314ffd5b4e4c0fd3ff6ec4265c86e51.dirtree'];
+expectedObjects['a384660cc18ffdb60296961dde9a2d6f78f4fec095165652cb53aa81f6dc7539.dirtree'] = [
+ 138, 138
+];
+
+repo.prepare_transaction(null);
+mtree = OSTree.MutableTree.new();
+repo.write_directory_to_mtree(testDataDir, mtree, commitModifier, null);
+[,dirTree] = repo.write_mtree(mtree, null);
+[,commit] = repo.write_commit(null, 'Some subject', 'Some body', null, dirTree, null);
+print("commit => " + commit);
+repo.commit_transaction(null);
+
+validateSizes(repo, commit, expectedObjects);
+
+print("ok test-sizes file deleted");
+
+// Repeat the commit now that all the objects are cached and ensure the
+// metadata is still correct
+repo.prepare_transaction(null);
+mtree = OSTree.MutableTree.new();
+repo.write_directory_to_mtree(testDataDir, mtree, commitModifier, null);
+[,dirTree] = repo.write_mtree(mtree, null);
+[,commit] = repo.write_commit(null, 'Another subject', 'Another body', null, dirTree, null);
+print("commit => " + commit);
+repo.commit_transaction(null);
+
+validateSizes(repo, commit, expectedObjects);
+
+print("ok test-sizes repeated");
diff --git a/tests/test-switchroot.sh b/tests/test-switchroot.sh
index bc3ec38b..70b2391d 100755
--- a/tests/test-switchroot.sh
+++ b/tests/test-switchroot.sh
@@ -2,6 +2,16 @@
this_script="${BASH_SOURCE:-$(readlink -f "$0")}"
+OSTREE_PREPARE_ROOT=$(dirname "${this_script}")/../ostree-prepare-root
+if [ ! -x "${OSTREE_PREPARE_ROOT}" ]; then
+ # ostree-prepare-root is in $libdir by default, assume we can find it
+ # based on our test directory, if not we'll have to skip this test.
+ OSTREE_PREPARE_ROOT=$(dirname "${this_script}")/../../../lib/ostree/ostree-prepare-root
+ if [ ! -x "${OSTREE_PREPARE_ROOT}" ]; then
+ OSTREE_PREPARE_ROOT=""
+ fi
+fi
+
setup_bootfs() {
mkdir -p "$1/proc" "$1/bin"
@@ -13,7 +23,7 @@ setup_bootfs() {
mount --bind "$1/override_cmdline" "$1/proc/cmdline"
touch "$1/this_is_bootfs"
- cp "$(dirname "$this_script")/../ostree-prepare-root" "$1/bin"
+ cp "${OSTREE_PREPARE_ROOT}" "$1/bin"
}
setup_rootfs() {
@@ -56,7 +66,7 @@ find_in_env() {
"$1" "$tmpdir"
enter_fs "$tmpdir"
ostree-prepare-root /sysroot
- find /
+ find / \( -path /proc -o -path /sysroot/proc \) -prune -o -print
touch /usr/usr_writable 2>/null \
&& echo "/usr is writable" \
|| echo "/usr is not writable"
@@ -82,7 +92,9 @@ test_that_prepare_root_sets_sysroot_up_correctly_with_initrd() {
grep -qx "/this_is_bootfs" files
grep -qx "/sysroot/this_is_ostree_root" files
grep -qx "/sysroot/sysroot/this_is_real_root" files
- grep -qx "/sysroot/var/this_is_ostree_var" files
+ if ! have_systemd_and_libmount; then
+ grep -qx "/sysroot/var/this_is_ostree_var" files
+ fi
grep -qx "/sysroot/usr/this_is_ostree_usr" files
grep -qx "/sysroot/usr is not writable" files
@@ -101,7 +113,9 @@ test_that_prepare_root_sets_root_up_correctly_with_no_initrd() {
grep -qx "/this_is_ostree_root" files
grep -qx "/sysroot/this_is_bootfs" files
grep -qx "/sysroot/this_is_real_root" files
- grep -qx "/var/this_is_ostree_var" files
+ if ! have_systemd_and_libmount; then
+ grep -qx "/var/this_is_ostree_var" files
+ fi
grep -qx "/usr/this_is_ostree_usr" files
grep -qx "/usr is not writable" files
@@ -130,6 +144,9 @@ if [ "${BASH_SOURCE[0]}" = "${0}" ]; then
[ -f /bin/busybox ] || \
skip "this test needs busybox"
+ [ -n "${OSTREE_PREPARE_ROOT}" ] || \
+ skip "this test needs ostree-prepare-root"
+
echo "1..3"
test_that_prepare_root_sets_sysroot_up_correctly_with_initrd
test_that_prepare_root_sets_root_up_correctly_with_no_initrd
diff --git a/tests/test-symbols.sh b/tests/test-symbols.sh
index a041ddb1..f6742d93 100755
--- a/tests/test-symbols.sh
+++ b/tests/test-symbols.sh
@@ -54,7 +54,7 @@ echo 'ok documented symbols'
# ONLY update this checksum in release commits!
cat > released-sha256.txt <