This lowers down into the C library some logic we
have in the binary/app logic, in prep for having more Rust-native
CLI code in https://github.com/ostreedev/ostree-rs-ext/pull/412
Basically we want to *ensure* a mount namespace by invoking
`unshare()` if necessary, instead of requiring our callers
to do this dance.
This also helps fix e.g.
Closes: https://github.com/ostreedev/ostree/issues/2769
ostree_kernel_args_delete_if_present checks if an argument is present
in OstreeKernelArgs and delete it.
Signed-off-by: Rafael Garcia Ruiz <rafael.garcia@collabora.com>
Check if an argument is present in OstreeKernelArgs. This is a way to
make easier idempotent append and delete operations.
ostree_kernel_args_append_if_missing uses it to avoid inserting a
duplicate key.
Closes#2329
Signed-off-by: Rafael Garcia Ruiz <rafael.garcia@collabora.com>
g_memdup() is subject to an integer overflow on 64-bit machines if the
object being copied is larger than UINT_MAX bytes. I suspect none of
these objects can actually be that large in practice, but it's easier
to replace all the calls than it is to assess whether we need to
replace them.
A backport in libglnx is used on systems where GLib is older than 2.68.x.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Basically, it should not be necessary - the policy should be
up-to-date. We don't want to force on continual policy rebuilds.
Even trying to run bwrap when we're *not* in a booted
root can cause failures in nested containerization scenarios.
Closes: https://github.com/ostreedev/ostree/issues/2758
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Use G_IO_ERROR_BUSY to represent 500 error
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
Make G_IO_ERROR_BUSY independent from glib version
Signed-off-by: Ricardo Noriega <rnoriega@redhat.com>
This converts several invariant checks to asserts. Most of the
functions in this file were already using assertions, so this aligns
the remaining few outliers to the rest.
This enhances the logic handling GVariant parameters within
`ostree_repo_static_delta_generate()`.
Several of those entries are expected to be zero-terminated values,
and this implicit assumption has been observed to be an hidden trap
in languages where strings and arrays may not carry a terminator value
(e.g. Rust).
In order to improve the situation, this makes the documentation more
explicit and actively tries to catch invalid input parameters.
Introduces an intermediate format for overlayfs storage, where
.wh-ostree. prefixed files will be converted into char 0:0
whiteout devices used by overlayfs to mark deletions across layers.
The CI scripts now uses a volume for the scratch directories
previously in /var/tmp otherwise we cannot create whiteout
devices into an overlayfs mounted filesystem.
Related-Issue: #2712
This converts several invariant checks to asserts. Most of the
functions in this file were already using assertions, so this aligns
the remaining few outliers to the rest.
This enhances a bunch of helpers related to GVariant building, in
order to properly handle errors and avoid some potential cases of
unexpected NULL results.
This drops several NULL checks against filename input argument.
Those checks are both redundant (as filename validation already
checks for that) and dangerous (as they return early without
setting an error value).
If `/boot` is an automount, then the unit will be stopped as soon as the
automount expires. That's would defeat the purpose of using systemd to
delay finalizing the deployment until shutdown. This is not uncommon as
`systemd-gpt-auto-generator` will create an automount unit for `/boot`
when it's the EFI System Partition and there's no fstab entry.
To ensure that systemd doesn't stop the service early when the `/boot`
automount expires, introduce a new unit that holds `/boot` open until
it's sent `SIGTERM`. This uses a new `--hold` option for
`finalize-staged` that loads but doesn't lock the sysroot. A separate
unit is used since we want the process to remain active throughout the
finalization run in `ExecStop`. That wouldn't work if it was specified
in `ExecStart` in the same unit since it would be killed before the
`ExecStop` action was run.
Fixes: #2543
It can be useful to parse the options and initialize the sysroot without
actually loading it until later. Factor out the sysroot loading to a new
`ostree_admin_sysroot_load` and add a new
`OSTREE_ADMIN_BUILTIN_FLAG_NO_LOAD` flag to accommodate this.
are pending
This is to support pending deployments instead of rasing assertion.
For example:
```
$ sudo rpm-ostree kargs --append=foo=bar
$ sudo ostree admin kargs edit-in-place --append-if-missing=foobar
```
After reboot we get both `foo=bar foobar`.
Fix https://github.com/ostreedev/ostree/issues/2679
In the current "ostree native container" flow, we're inserting
a commit object into the repo but with no refs.
We have hacks in a few places to find the commit digest via e.g.
`find repo/objects -name *.commit` but that's a horrible hack.
Add `ostree rev-parse --single` which will print the single commit,
and error out if there is not exactly one commit.
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
Commit 540e60c3 introduced _ostree_repo_auto_transaction_new(), a
private constructor to OstreeRepoAutoTransaction, by factoring out
some code from _ostree_repo_auto_transaction_start(). This factored
code increased the refcount of the 'repo' variable.
Subsequent commit 71304e854c made ostree_repo_prepare_transaction()
use ths newly introduced constructor. However, in this function, the
happy path assumed no ref was taken, and therefore did not unref it.
Commit 71304e854c didn't add the corresponding unref either.
This leaks a reference to OstreeRepo when calling
ostree_repo_prepare_transaction().
Plug this leak by using g_clear_object() to clear the repo field
of OstreeRepoAutoTransaction, instead of simply setting it to NULL.
Closes https://github.com/flatpak/flatpak/issues/4928
Simon McVittie
Colin Walters
Philip Withnall
Rafael Garcia Ruiz
Simon McVittie
Luca Bruno
Ricardo Noriega
Jonathan Lebon
Miguel Angel Ajo
Dan Nicholson
Nikita Dubrovskii
git-bruh
Huijing Hei
Georges Basile Stavracas Neto