in particular for architecture-specific builds. Note that it remains
in Build-Depends (not Build-Depends-Indep) because it is also needed
for gtkdocize during dh_autoreconf.
+ * d/p/2017.13/lib-core-Init-struct-stat-buffer.patch,
+ d/p/2017.13/lib-sysroot-Fix-pointer-going-out-of-scope-in-unlock-code.patch,
+ d/p/2017.13/lib-deploy-Ignore-FIFREEZE-FITHAW-errors-when-already-in-.patch,
+ d/p/2017.13/lib-deploy-Use-_exit-for-FIFREEZE-watchdog.patch,
+ d/p/2017.13/lib-deltas-Check-cancellable-during-processing.patch,
+ d/p/2017.13/lib-utils-Check-for-invalid-UTF-8-in-filenames.patch,
+ d/p/2017.13/Cope-with-xattr-syscalls-raising-EOPNOTSUPP.patch,
+ d/p/2017.13/lib-sysroot-Fix-error-handling-when-mounting-overlayfs-fa.patch,
+ d/p/2017.13/lib-repo-Properly-handle-NULL-homedir-when-signing-commit.patch,
+ d/p/2017.13/lib-repo-Fix-loading-commitstate-with-parent-repos.patch:
+ Add various bugfix patches from upstream
+ * d/p/2017.13/tests-Add-test-pull-bareuseronly.patch:
+ Add more test coverage from upstream
-- Simon McVittie <smcv@debian.org> Mon, 16 Oct 2017 10:13:54 +0100
--- /dev/null
+From: Simon McVittie <smcv@collabora.com>
+Date: Mon, 16 Oct 2017 12:51:04 +0100
+Subject: Cope with xattr syscalls raising EOPNOTSUPP
+
+ENOTSUP and EOPNOTSUPP are numerically equal on most Linux ports,
+but inexplicably differ on PA-RISC (hppa) and possibly other
+rare architectures.
+
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+
+Closes: #1275
+Approved by: cgwalters
+Applied-upstream: 2017.13, commit:a4723dafed722008ed1ee3c952b7ff8e3d9b9a45
+---
+ src/ostree/ot-builtin-create-usb.c | 2 +-
+ tests/libostreetest.c | 10 ++++++----
+ 2 files changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/ostree/ot-builtin-create-usb.c b/src/ostree/ot-builtin-create-usb.c
+index c77dbcb..742a6c2 100644
+--- a/src/ostree/ot-builtin-create-usb.c
++++ b/src/ostree/ot-builtin-create-usb.c
+@@ -113,7 +113,7 @@ ostree_builtin_create_usb (int argc,
+ OstreeRepoMode mode = OSTREE_REPO_MODE_BARE_USER;
+
+ if (TEMP_FAILURE_RETRY (fgetxattr (mount_root_dfd, "user.test", NULL, 0)) < 0 &&
+- errno == ENOTSUP)
++ (errno == ENOTSUP || errno == EOPNOTSUPP))
+ mode = OSTREE_REPO_MODE_ARCHIVE;
+
+ g_debug ("%s: Creating repository in mode %u", G_STRFUNC, mode);
+diff --git a/tests/libostreetest.c b/tests/libostreetest.c
+index 496ff74..11949c9 100644
+--- a/tests/libostreetest.c
++++ b/tests/libostreetest.c
+@@ -85,8 +85,10 @@ ot_check_relabeling (gboolean *can_relabel,
+ g_autoptr(GBytes) bytes = glnx_fgetxattr_bytes (tmpf.fd, "security.selinux", &local_error);
+ if (!bytes)
+ {
+- /* libglnx preserves errno */
+- if (G_IN_SET (errno, ENOTSUP, ENODATA))
++ /* libglnx preserves errno. The EOPNOTSUPP case can't be part of a
++ * 'case' statement because on most but not all architectures,
++ * it's numerically equal to ENOTSUP. */
++ if (G_IN_SET (errno, ENOTSUP, ENODATA) || errno == EOPNOTSUPP)
+ {
+ *can_relabel = FALSE;
+ return TRUE;
+@@ -99,7 +101,7 @@ ot_check_relabeling (gboolean *can_relabel,
+ const guint8 *data = g_bytes_get_data (bytes, &data_len);
+ if (fsetxattr (tmpf.fd, "security.selinux", data, data_len, 0) < 0)
+ {
+- if (errno == ENOTSUP)
++ if (errno == ENOTSUP || errno == EOPNOTSUPP)
+ {
+ *can_relabel = FALSE;
+ return TRUE;
+@@ -122,7 +124,7 @@ ot_check_user_xattrs (gboolean *has_user_xattrs,
+
+ if (fsetxattr (tmpf.fd, "user.test", "novalue", strlen ("novalue"), 0) < 0)
+ {
+- if (errno == ENOTSUP)
++ if (errno == ENOTSUP || errno == EOPNOTSUPP)
+ {
+ *has_user_xattrs = FALSE;
+ return TRUE;
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 4 Oct 2017 10:22:05 -0400
+Subject: lib/core: Init struct stat buffer
+
+Regression from d57410a7e62dcb89321807dcb2d91c85f9d26df7
+
+Fixes Coverity CID #1457316
+
+Closes: #1249
+Approved by: jlebon
+Origin: upstream, 2017.13, commit:e80efe0b0668a351361bb0a218a809434dd33d63
+---
+ src/libostree/ostree-core.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/libostree/ostree-core.c b/src/libostree/ostree-core.c
+index 08c2892..7fa051f 100644
+--- a/src/libostree/ostree-core.c
++++ b/src/libostree/ostree-core.c
+@@ -1614,10 +1614,13 @@ _ostree_gfileinfo_equal (GFileInfo *a, GFileInfo *b)
+ return TRUE;
+ }
+
++/* Many parts of libostree only care about mode,uid,gid - this creates
++ * a new GFileInfo with those fields see.
++ */
+ GFileInfo *
+ _ostree_mode_uidgid_to_gfileinfo (mode_t mode, uid_t uid, gid_t gid)
+ {
+- struct stat stbuf;
++ struct stat stbuf = { 0, };
+ stbuf.st_mode = mode;
+ stbuf.st_uid = uid;
+ stbuf.st_gid = gid;
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Thu, 12 Oct 2017 10:46:25 -0400
+Subject: lib/deltas: Check cancellable during processing
+
+Let's react to `Ctrl-C` faster here. Noticed while I was doing an update on my
+desktop and playing with cancellation.
+
+Closes: #1266
+Approved by: jlebon
+Origin: upstream, 2017.13, commit:a1986b1a8083ef4f840973f1c73d932a52e43644
+---
+ src/libostree/ostree-repo-static-delta-processing.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/libostree/ostree-repo-static-delta-processing.c b/src/libostree/ostree-repo-static-delta-processing.c
+index 844de2c..78bf7e1 100644
+--- a/src/libostree/ostree-repo-static-delta-processing.c
++++ b/src/libostree/ostree-repo-static-delta-processing.c
+@@ -229,6 +229,9 @@ _ostree_static_delta_part_execute (OstreeRepo *repo,
+ state->oplen--;
+ state->opdata++;
+
++ if (g_cancellable_set_error_if_cancelled (cancellable, error))
++ goto out;
++
+ switch (opcode)
+ {
+ case OSTREE_STATIC_DELTA_OP_OPEN_SPLICE_AND_CLOSE:
--- /dev/null
+From: Dan Nicholson <nicholson@endlessm.com>
+Date: Wed, 11 Oct 2017 14:03:10 +0000
+Subject: lib/deploy: Ignore FIFREEZE/FITHAW errors when already in state
+
+If the filesystem is already frozen, FIFREEZE returns EBUSY, and if the
+filesystem is already thawed, FITHAW returns EINVAL. It's very unlikely
+these issues would arise on a real ostree system since the sysroot would
+be locked during the freeze/thaw cycle.
+
+However, when multiple fake sysroots are used during the test suite (run
+as root), the tests could race to run the freeze/thaw cycle without
+locking. Furthermore, there's no reason why an independent process might
+be trying to freeze the filesystem while ostree was deploying. Ignore
+but warn for these errors since there's not much ostree can do about it,
+anyways.
+
+Closes: #1260
+Approved by: cgwalters
+Origin: upstream, 2017.13, commit:a5b7660c940a200adac1a7d217e4a1cd72719021
+---
+ src/libostree/ostree-sysroot-deploy.c | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
+index a89711f..e37db39 100644
+--- a/src/libostree/ostree-sysroot-deploy.c
++++ b/src/libostree/ostree-sysroot-deploy.c
+@@ -1321,11 +1321,15 @@ fsfreeze_thaw_cycle (OstreeSysroot *self,
+ /* Do a freeze/thaw cycle; TODO add a FIFREEZETHAW ioctl */
+ if (ioctl (rootfs_dfd, FIFREEZE, 0) != 0)
+ {
+- /* Not supported, or we're running in the unit tests (as non-root)?
++ /* Not supported, we're running in the unit tests (as non-root), or
++ * the filesystem is already frozen (EBUSY).
+ * OK, let's just do a syncfs.
+ */
+- if (G_IN_SET (errno, EOPNOTSUPP, EPERM))
++ if (G_IN_SET (errno, EOPNOTSUPP, EPERM, EBUSY))
+ {
++ /* Warn if the filesystem was already frozen */
++ if (errno == EBUSY)
++ g_debug ("Filesystem already frozen, falling back to syncfs");
+ if (TEMP_FAILURE_RETRY (syncfs (rootfs_dfd)) != 0)
+ return glnx_throw_errno_prefix (error, "syncfs");
+ /* Write the completion, and return */
+@@ -1338,7 +1342,13 @@ fsfreeze_thaw_cycle (OstreeSysroot *self,
+ }
+ /* And finally thaw, then signal our completion to the watchdog */
+ if (TEMP_FAILURE_RETRY (ioctl (rootfs_dfd, FITHAW, 0)) != 0)
+- return glnx_throw_errno_prefix (error, "ioctl(FITHAW)");
++ {
++ /* Warn but don't error if the filesystem was already thawed */
++ if (errno == EINVAL)
++ g_debug ("Filesystem already thawed");
++ else
++ return glnx_throw_errno_prefix (error, "ioctl(FITHAW)");
++ }
+ if (write (sock_parent, &c, sizeof (c)) != sizeof (c))
+ return glnx_throw_errno_prefix (error, "write(watchdog FITHAW complete)");
+ }
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 11 Oct 2017 17:02:02 -0400
+Subject: lib/deploy: Use _exit() for FIFREEZE watchdog
+
+This works around an (IMO) SpiderMonkey bug - it tries to
+clean up in a shared library destructor, but doesn't install a
+`pthread_atfork()` handler to unset its state.
+
+Closes: https://github.com/ostreedev/ostree/issues/1262
+
+Closes: #1264
+Approved by: dbnicholson
+Origin: upstream, 2017.13, commit:8f6ec62bfb149ec8dfb6076228dd64e5df27a76b
+---
+ src/libostree/ostree-sysroot-deploy.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/libostree/ostree-sysroot-deploy.c b/src/libostree/ostree-sysroot-deploy.c
+index e37db39..d46d5c3 100644
+--- a/src/libostree/ostree-sysroot-deploy.c
++++ b/src/libostree/ostree-sysroot-deploy.c
+@@ -1291,7 +1291,12 @@ fsfreeze_thaw_cycle (OstreeSysroot *self,
+ }
+ if (debug_fifreeze)
+ g_printerr ("fifreeze watchdog was run\n");
+- exit (EXIT_SUCCESS);
++ /* We use _exit() rather than exit() to avoid tripping over any shared
++ * libraries in process that aren't fork() safe; for example gjs/spidermonkey:
++ * https://github.com/ostreedev/ostree/issues/1262
++ * This doesn't help for the err()/errx() calls above, but eh...
++ */
++ _exit (EXIT_SUCCESS);
+ }
+ else /* Parent process. */
+ {
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 25 Oct 2017 13:13:17 -0400
+Subject: lib/repo: Fix loading commitstate with parent repos
+
+This makes the code nicer too. Properly unit testing this though really wants
+like a whole set of stuff around parent repos...but we do have coverage of the
+non-parent path in the current pull tests.
+
+Closes: https://github.com/ostreedev/ostree/issues/1306
+
+Closes: #1308
+Approved by: alexlarsson
+Origin: upstream, 2017.13, commit:90ebd48f6aaf45c47b48c44354359f973dcf22a8
+---
+ src/libostree/ostree-repo.c | 52 +++++++++++++++++++--------------------------
+ 1 file changed, 22 insertions(+), 30 deletions(-)
+
+diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
+index 0632ee2..eac5610 100644
+--- a/src/libostree/ostree-repo.c
++++ b/src/libostree/ostree-repo.c
+@@ -2807,6 +2807,7 @@ load_metadata_internal (OstreeRepo *self,
+ GVariant **out_variant,
+ GInputStream **out_stream,
+ guint64 *out_size,
++ OstreeRepoCommitState *out_state,
+ GCancellable *cancellable,
+ GError **error)
+ {
+@@ -2817,6 +2818,7 @@ load_metadata_internal (OstreeRepo *self,
+ g_autoptr(GVariant) ret_variant = NULL;
+
+ g_return_val_if_fail (OSTREE_OBJECT_TYPE_IS_META (objtype), FALSE);
++ g_return_val_if_fail (objtype == OSTREE_OBJECT_TYPE_COMMIT || out_state == NULL, FALSE);
+
+ /* Special caching for dirmeta objects, since they're commonly referenced many
+ * times.
+@@ -2904,11 +2906,24 @@ load_metadata_internal (OstreeRepo *self,
+
+ if (out_size)
+ *out_size = stbuf.st_size;
++
++ if (out_state)
++ {
++ g_autofree char *commitpartial_path = _ostree_get_commitpartial_path (sha256);
++ *out_state = 0;
++
++ if (!glnx_fstatat_allow_noent (self->repo_dir_fd, commitpartial_path, NULL, 0, error))
++ return FALSE;
++ if (errno == 0)
++ *out_state |= OSTREE_REPO_COMMIT_STATE_PARTIAL;
++ }
+ }
+ else if (self->parent_repo)
+ {
+- if (!ostree_repo_load_variant (self->parent_repo, objtype, sha256, &ret_variant, error))
+- return FALSE;
++ /* Directly recurse to simplify out parameters */
++ return load_metadata_internal (self->parent_repo, objtype, sha256, error_if_not_found,
++ out_variant, out_stream, out_size, out_state,
++ cancellable, error);
+ }
+ else if (error_if_not_found)
+ {
+@@ -3220,7 +3235,7 @@ ostree_repo_load_object_stream (OstreeRepo *self,
+ if (OSTREE_OBJECT_TYPE_IS_META (objtype))
+ {
+ if (!load_metadata_internal (self, objtype, checksum, TRUE, NULL,
+- &ret_input, &size,
++ &ret_input, &size, NULL,
+ cancellable, error))
+ return FALSE;
+ }
+@@ -3516,7 +3531,7 @@ ostree_repo_load_variant_if_exists (OstreeRepo *self,
+ GError **error)
+ {
+ return load_metadata_internal (self, objtype, sha256, FALSE,
+- out_variant, NULL, NULL, NULL, error);
++ out_variant, NULL, NULL, NULL, NULL, error);
+ }
+
+ /**
+@@ -3538,7 +3553,7 @@ ostree_repo_load_variant (OstreeRepo *self,
+ GError **error)
+ {
+ return load_metadata_internal (self, objtype, sha256, TRUE,
+- out_variant, NULL, NULL, NULL, error);
++ out_variant, NULL, NULL, NULL, NULL, error);
+ }
+
+ /**
+@@ -3561,31 +3576,8 @@ ostree_repo_load_commit (OstreeRepo *self,
+ OstreeRepoCommitState *out_state,
+ GError **error)
+ {
+- if (out_variant)
+- {
+- if (!load_metadata_internal (self, OSTREE_OBJECT_TYPE_COMMIT, checksum, TRUE,
+- out_variant, NULL, NULL, NULL, error))
+- return FALSE;
+- }
+-
+- if (out_state)
+- {
+- g_autofree char *commitpartial_path = _ostree_get_commitpartial_path (checksum);
+- struct stat stbuf;
+-
+- *out_state = 0;
+-
+- if (fstatat (self->repo_dir_fd, commitpartial_path, &stbuf, 0) == 0)
+- {
+- *out_state |= OSTREE_REPO_COMMIT_STATE_PARTIAL;
+- }
+- else if (errno != ENOENT)
+- {
+- return glnx_throw_errno_prefix (error, "fstatat(%s)", commitpartial_path);
+- }
+- }
+-
+- return TRUE;
++ return load_metadata_internal (self, OSTREE_OBJECT_TYPE_COMMIT, checksum, TRUE,
++ out_variant, NULL, NULL, out_state, NULL, error);
+ }
+
+ /**
--- /dev/null
+From: Dan Nicholson <nicholson@endlessm.com>
+Date: Tue, 24 Oct 2017 19:27:17 +0000
+Subject: lib/repo: Properly handle NULL homedir when signing commit
+
+Without this, ostree_repo_sign_commit throws a critical message when no
+homedir is provided:
+
+(ostree gpg-sign:5034): GLib-GIO-CRITICAL **: g_file_new_for_path: assertion 'path != NULL' failed
+
+Closes: #1305
+Approved by: cgwalters
+Origin: upstream, 2017.13, commit:63ce86d5977ebfbedd2cdfba1e4f6bd400a3a1b8
+---
+ src/libostree/ostree-repo.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/libostree/ostree-repo.c b/src/libostree/ostree-repo.c
+index 1e336e9..0632ee2 100644
+--- a/src/libostree/ostree-repo.c
++++ b/src/libostree/ostree-repo.c
+@@ -4119,7 +4119,9 @@ ostree_repo_sign_commit (OstreeRepo *self,
+ * pass the homedir so that the signing key can be imported, allowing
+ * subkey signatures to be recognised. */
+ g_autoptr(GError) local_error = NULL;
+- g_autoptr(GFile) verify_keydir = g_file_new_for_path (homedir);
++ g_autoptr(GFile) verify_keydir = NULL;
++ if (homedir != NULL)
++ verify_keydir = g_file_new_for_path (homedir);
+ g_autoptr(OstreeGpgVerifyResult) result
+ =_ostree_repo_gpg_verify_with_metadata (self, commit_data, old_metadata,
+ NULL, verify_keydir, NULL,
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Mon, 16 Oct 2017 15:29:38 -0400
+Subject: lib/sysroot: Fix error handling when mounting overlayfs fails
+
+This isn't perfect, but at least we fix an error-overwrite error, and in
+practice `ostree admin unlock` isn't wrapped by `rpm-ostree` yet, so spew to
+stderr is OK.
+
+Closes: https://github.com/ostreedev/ostree/issues/1273
+
+Closes: #1279
+Approved by: guyshapiro
+Origin: upstream, 2017.13, commit:464965e6b4897f9c6d4487ca10eb5bc60ad9a670
+---
+ src/libostree/ostree-sysroot.c | 13 +++++++++----
+ 1 file changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
+index 2ee5eb5..16f76f7 100644
+--- a/src/libostree/ostree-sysroot.c
++++ b/src/libostree/ostree-sysroot.c
+@@ -22,6 +22,7 @@
+ #include "otutil.h"
+ #include <sys/file.h>
+ #include <sys/mount.h>
++#include <err.h>
+ #include <sys/wait.h>
+
+ #include "ostree.h"
+@@ -1763,11 +1764,15 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
+ return glnx_throw_errno_prefix (error, "fork");
+ else if (mount_child == 0)
+ {
+- /* Child process. Do NOT use any GLib API here. */
++ /* Child process. Do NOT use any GLib API here; it's not generally fork() safe.
++ *
++ * TODO: report errors across a pipe (or use the journal?) rather than
++ * spewing to stderr.
++ */
+ if (fchdir (deployment_dfd) < 0)
+- exit (EXIT_FAILURE);
++ err (1, "fchdir");
+ if (mount ("overlay", "/usr", "overlay", 0, ovl_options) < 0)
+- exit (EXIT_FAILURE);
++ err (1, "mount");
+ exit (EXIT_SUCCESS);
+ }
+ else
+@@ -1778,7 +1783,7 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
+ if (TEMP_FAILURE_RETRY (waitpid (mount_child, &estatus, 0)) < 0)
+ return glnx_throw_errno_prefix (error, "waitpid() on mount helper");
+ if (!g_spawn_check_exit_status (estatus, error))
+- return glnx_throw_errno_prefix (error, "overlayfs mount helper");
++ return glnx_prefix_error (error, "Failed overlayfs mount");
+ }
+ }
+
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 4 Oct 2017 10:24:21 -0400
+Subject: lib/sysroot: Fix pointer going out of scope in unlock code
+
+Fixes Coverity CID #1457317
+
+Closes: #1249
+Approved by: jlebon
+Origin: upstream, 2017.13, commit:351ffdb9778436b193ba9d2fbeebe2358e55004f
+---
+ src/libostree/ostree-sysroot.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libostree/ostree-sysroot.c b/src/libostree/ostree-sysroot.c
+index fe61a12..2ee5eb5 100644
+--- a/src/libostree/ostree-sysroot.c
++++ b/src/libostree/ostree-sysroot.c
+@@ -1698,6 +1698,7 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
+ return FALSE;
+
+ const char *ovl_options = NULL;
++ static const char hotfix_ovl_options[] = "lowerdir=usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work";
+ switch (unlocked_state)
+ {
+ case OSTREE_DEPLOYMENT_UNLOCKED_NONE:
+@@ -1705,7 +1706,6 @@ ostree_sysroot_deployment_unlock (OstreeSysroot *self,
+ break;
+ case OSTREE_DEPLOYMENT_UNLOCKED_HOTFIX:
+ {
+- const char hotfix_ovl_options[] = "lowerdir=usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work";
+ /* Create the overlayfs directories in the deployment root
+ * directly for hotfixes. The ostree-prepare-root.c helper
+ * is also set up to detect and mount these.
--- /dev/null
+From: Simon McVittie <smcv@debian.org>
+Date: Thu, 26 Oct 2017 12:08:15 +0100
+Subject: lib/utils: Check for invalid UTF-8 in filenames
+
+In case a filename contains invalid UTF-8 characters, libostree will
+pass it to g_variant_builder_add() in create_tree_variant_from_hashes()
+anyway, which leads to a critical warning from glib and an invalid
+commit. This commit makes ostree print a useful error and exit instead.
+
+Closes: #1271
+Approved by: cgwalters
+Origin: upstream, 2017.13, commit:2a9c5efe1d10b79681b0ee638994ead375be6597
+---
+ src/libotutil/ot-unix-utils.c | 2 ++
+ tests/basic-test.sh | 10 +++++++++-
+ 2 files changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/src/libotutil/ot-unix-utils.c b/src/libotutil/ot-unix-utils.c
+index d6c5ee6..1446cde 100644
+--- a/src/libotutil/ot-unix-utils.c
++++ b/src/libotutil/ot-unix-utils.c
+@@ -50,6 +50,8 @@ ot_util_filename_validate (const char *name,
+ {
+ return glnx_throw (error, "Invalid / in filename %s", name);
+ }
++ if (!g_utf8_validate (name, -1, NULL))
++ return glnx_throw (error, "Invalid UTF-8 in filename %s", name);
+ return TRUE;
+ }
+
+diff --git a/tests/basic-test.sh b/tests/basic-test.sh
+index a01f437..52bbe52 100644
+--- a/tests/basic-test.sh
++++ b/tests/basic-test.sh
+@@ -19,7 +19,7 @@
+
+ set -euo pipefail
+
+-echo "1..$((73 + ${extra_basic_tests:-0}))"
++echo "1..$((74 + ${extra_basic_tests:-0}))"
+
+ CHECKOUT_U_ARG=""
+ CHECKOUT_H_ARGS="-H"
+@@ -334,6 +334,14 @@ echo "ok commit from ref with modifier"
+ $OSTREE commit ${COMMIT_ARGS} -b trees/test2 -s 'ref with / in it' --tree=ref=test2
+ echo "ok commit ref with /"
+
++mkdir badutf8
++echo "invalid utf8 filename" > badutf8/$(printf '\x80')
++if $OSTREE commit ${COMMIT_ARGS} -b badutf8 --tree=dir=badutf8 2>err.txt; then
++ assert_not_reached "commit filename with invalid UTF-8"
++fi
++assert_file_has_content err.txt "Invalid UTF-8 in filename"
++echo "ok commit bad UTF-8"
++
+ old_rev=$($OSTREE rev-parse test2)
+ $OSTREE ls -R -C test2
+ $OSTREE commit ${COMMIT_ARGS} --skip-if-unchanged -b trees/test2 -s 'should not be committed' --tree=ref=test2
--- /dev/null
+From: Colin Walters <walters@verbum.org>
+Date: Fri, 13 Oct 2017 18:14:17 -0400
+Subject: tests: Add test-pull-bareuseronly
+
+I was going to fix a bug in the static deltas code and I noticed
+we were missing `pull-test.sh` coverage for bareuseronly.
+
+Obviously fixing this requires duplicating some of the bits we have in
+`basic-test.sh`; need to hoist that into `libtest.sh`. For now though let's get
+the coverage.
+
+Closes: #1270
+Approved by: jlebon
+Origin: upstream, 2017.13, commit:95afe2848d65a8062f4a76adb1ab80b6bcc4d79e
+---
+ Makefile-tests.am | 1 +
+ tests/pull-test.sh | 69 +++++++++++++++++++++++++++--------------
+ tests/test-pull-bareuseronly.sh | 28 +++++++++++++++++
+ 3 files changed, 75 insertions(+), 23 deletions(-)
+ create mode 100755 tests/test-pull-bareuseronly.sh
+
+diff --git a/Makefile-tests.am b/Makefile-tests.am
+index 7cf2b19..42e73fa 100644
+--- a/Makefile-tests.am
++++ b/Makefile-tests.am
+@@ -69,6 +69,7 @@ _installed_or_uninstalled_test_scripts = \
+ tests/test-parent.sh \
+ tests/test-pull-bare.sh \
+ tests/test-pull-bareuser.sh \
++ tests/test-pull-bareuseronly.sh \
+ tests/test-pull-commit-only.sh \
+ tests/test-pull-depth.sh \
+ tests/test-pull-mirror-summary.sh \
+diff --git a/tests/pull-test.sh b/tests/pull-test.sh
+index 2afc0ac..b2613fc 100644
+--- a/tests/pull-test.sh
++++ b/tests/pull-test.sh
+@@ -27,9 +27,26 @@ function repo_init() {
+ ${CMD_PREFIX} ostree --repo=repo remote add origin $(cat httpd-address)/ostree/gnomerepo "$@"
+ }
+
++repo_init --no-gpg-verify
++
++# See also the copy of this in basic-test.sh
++COMMIT_ARGS=""
++CHECKOUT_U_ARG=""
++CHECKOUT_H_ARGS="-H"
++if is_bare_user_only_repo repo; then
++ COMMIT_ARGS="--canonical-permissions"
++ # Also, since we can't check out uid=0 files we need to check out in user mode
++ CHECKOUT_U_ARG="-U"
++ CHECKOUT_H_ARGS="-U -H"
++else
++ if grep -E -q '^mode=bare-user' repo/config; then
++ CHECKOUT_H_ARGS="-U -H"
++ fi
++fi
++
+ function verify_initial_contents() {
+ rm checkout-origin-main -rf
+- $OSTREE checkout origin/main checkout-origin-main
++ $OSTREE checkout ${CHECKOUT_H_ARGS} origin/main checkout-origin-main
+ cd checkout-origin-main
+ assert_file_has_content firstfile '^first$'
+ assert_file_has_content baz/cow '^moo$'
+@@ -61,7 +78,7 @@ echo "ok pull mirror"
+
+ mkdir otherbranch
+ echo someothercontent > otherbranch/someothercontent
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b otherbranch --tree=dir=otherbranch
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b otherbranch --tree=dir=otherbranch
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ rm mirrorrepo -rf
+ # All refs
+@@ -88,9 +105,9 @@ echo "ok pull mirror (ref subset with summary)"
+
+ cd ${test_tmpdir}
+ rm checkout-origin-main -rf
+-$OSTREE --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
++$OSTREE --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main checkout-origin-main
+ echo moomoo > checkout-origin-main/baz/cow
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "" --tree=dir=checkout-origin-main
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s "" --tree=dir=checkout-origin-main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo static-delta generate main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo fsck
+@@ -115,11 +132,12 @@ ${CMD_PREFIX} ostree --repo=mirrorrepo pull --bareuseronly-files origin main
+ echo "ok pull (bareuseronly, safe)"
+
+ rm checkout-origin-main -rf
+-$OSTREE --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
++$OSTREE --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main checkout-origin-main
+ cat > statoverride.txt <<EOF
+ 2048 /some-setuid
+ EOF
+ echo asetuid > checkout-origin-main/some-setuid
++# Don't use ${COMMIT_ARGS} as we don't want --canonical-permissions with bare-user-only
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=checkout-origin-main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ # Verify we reject it both when unpacking and when mirroring
+@@ -140,7 +158,8 @@ echo "ok pull (bareuseronly mirror)"
+ # Corruption tests <https://github.com/ostreedev/ostree/issues/1211>
+ cd ${test_tmpdir}
+ repo_init --no-gpg-verify
+-if ! is_bare_user_only_repo repo && ! skip_one_without_user_xattrs; then
++if ! is_bare_user_only_repo repo; then
++if ! skip_one_without_user_xattrs; then
+ if is_bare_user_only_repo repo; then
+ cacherepomode=bare-user-only
+ else
+@@ -193,15 +212,19 @@ if ! is_bare_user_only_repo repo && ! skip_one_without_user_xattrs; then
+ repo_init --no-gpg-verify
+ echo "ok corruption"
+ fi
++else
++# bareuseronly case, we don't mark it as SKIP at the moment
++echo "ok corruption (skipped)"
++fi
+
+ cd ${test_tmpdir}
+ rm mirrorrepo/refs/remotes/* -rf
+ ${CMD_PREFIX} ostree --repo=mirrorrepo prune --refs-only
+ ${CMD_PREFIX} ostree --repo=mirrorrepo pull origin main
+ rm checkout-origin-main -rf
+-$OSTREE --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
++$OSTREE --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main checkout-origin-main
+ echo yetmorecontent > checkout-origin-main/baz/cowtest
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "" --tree=dir=checkout-origin-main
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s "" --tree=dir=checkout-origin-main
+ rev=$(${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo rev-parse main)
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo static-delta generate main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+@@ -223,8 +246,8 @@ cd ${test_tmpdir}
+ rm otherrepo -rf
+ ostree_repo_init otherrepo --mode=archive
+ rm checkout-origin-main -rf
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main checkout-origin-main
+-${CMD_PREFIX} ostree --repo=otherrepo commit -b localbranch --tree=dir=checkout-origin-main
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main checkout-origin-main
++${CMD_PREFIX} ostree --repo=otherrepo commit ${COMMIT_ARGS} -b localbranch --tree=dir=checkout-origin-main
+ ${CMD_PREFIX} ostree --repo=otherrepo remote add --set=gpg-verify=false origin file://$(pwd)/ostree-srv/gnomerepo
+ ${CMD_PREFIX} ostree --repo=otherrepo pull origin main
+ rm mirrorrepo-local -rf
+@@ -247,7 +270,7 @@ assert_file_has_content_literal err.txt "error: Refspec 'nosuchbranch' not found
+ echo "ok pull-local nonexistent branch"
+
+ cd ${test_tmpdir}
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main -s "Metadata string" --add-detached-metadata-string=SIGNATURE=HANCOCK --tree=ref=main
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s "Metadata string" --add-detached-metadata-string=SIGNATURE=HANCOCK --tree=ref=main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ ${CMD_PREFIX} ostree --repo=repo pull origin main
+ ${CMD_PREFIX} ostree --repo=repo fsck
+@@ -278,13 +301,13 @@ origrev=$(${CMD_PREFIX} ostree --repo=repo rev-parse main)
+ # Check we can pull the same commit with timestamp checking enabled
+ ${CMD_PREFIX} ostree --repo=repo pull -T origin main
+ assert_streq ${origrev} "$(${CMD_PREFIX} ostree --repo=repo rev-parse main)"
+-newrev=$(${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit -b main --tree=ref=main)
++newrev=$(${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main --tree=ref=main)
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ # New commit with timestamp checking
+ ${CMD_PREFIX} ostree --repo=repo pull -T origin main
+ assert_not_streq "${origrev}" "${newrev}"
+ assert_streq ${newrev} "$(${CMD_PREFIX} ostree --repo=repo rev-parse main)"
+-newrev2=$(${CMD_PREFIX} ostree --timestamp="October 25 1985" --repo=ostree-srv/gnomerepo commit -b main --tree=ref=main)
++newrev2=$(${CMD_PREFIX} ostree --timestamp="October 25 1985" --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main --tree=ref=main)
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+ if ${CMD_PREFIX} ostree --repo=repo pull -T origin main 2>err.txt; then
+ fatal "pulled older commit with timestamp checking enabled?"
+@@ -304,12 +327,12 @@ ${CMD_PREFIX} ostree --repo=repo fsck
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo static-delta generate main
+
+ rm main-files -rf
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main main-files
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main main-files
+ cd main-files
+ echo "an added file for static deltas" > added-file
+ echo "modified file for static deltas" > baz/cow
+ rm baz/saucer
+-${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s 'static delta test'
++${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s 'static delta test'
+ cd ..
+ rm main-files -rf
+ # Generate delta that we'll use
+@@ -353,7 +376,7 @@ ${CMD_PREFIX} ostree --repo=repo pull --disable-static-deltas origin main
+ ${CMD_PREFIX} ostree --repo=repo fsck
+
+ rm checkout-origin-main -rf
+-$OSTREE checkout origin:main checkout-origin-main
++$OSTREE checkout ${CHECKOUT_H_ARGS} origin:main checkout-origin-main
+ cd checkout-origin-main
+ assert_file_has_content firstfile '^first$'
+ assert_file_has_content baz/cow "modified file for static deltas"
+@@ -405,10 +428,10 @@ echo "ok delta required for revision"
+
+ cd ${test_tmpdir}
+ rm main-files -rf
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main main-files
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main main-files
+ cd main-files
+ echo "more added files for static deltas" > added-file2
+-${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s 'inline static delta test'
++${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s 'inline static delta test'
+ cd ..
+ rm main-files -rf
+ # Generate new delta that we'll use
+@@ -420,7 +443,7 @@ ${CMD_PREFIX} ostree --repo=repo pull origin main
+ ${CMD_PREFIX} ostree --repo=repo fsck
+
+ rm checkout-origin-main -rf
+-$OSTREE checkout origin:main checkout-origin-main
++$OSTREE checkout ${CHECKOUT_H_ARGS} origin:main checkout-origin-main
+ cd checkout-origin-main
+ assert_file_has_content added-file2 "more added files for static deltas"
+
+@@ -428,12 +451,12 @@ echo "ok inline static delta"
+
+ cd ${test_tmpdir}
+ rm main-files -rf
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout main main-files
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo checkout ${CHECKOUT_U_ARG} main main-files
+ cd main-files
+ # Make a file larger than 16M for testing
+ dd if=/dev/zero of=test-bigfile count=1 seek=42678
+ echo "further modified file for static deltas" > baz/cow
+-${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit -b main -s '2nd static delta test'
++${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit ${COMMIT_ARGS} -b main -s '2nd static delta test'
+ cd ..
+ rm main-files -rf
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo static-delta generate main
+@@ -444,7 +467,7 @@ ${CMD_PREFIX} ostree --repo=repo pull origin main
+ ${CMD_PREFIX} ostree --repo=repo fsck
+
+ rm checkout-origin-main -rf
+-$OSTREE checkout origin:main checkout-origin-main
++$OSTREE checkout ${CHECKOUT_H_ARGS} origin:main checkout-origin-main
+ cd checkout-origin-main
+ assert_has_file test-bigfile
+ stat --format=%s test-bigfile > bigfile-size
+@@ -496,7 +519,7 @@ echo "ok pull repo 404 on dirtree object"
+
+ cd ${test_tmpdir}
+ repo_init --set=gpg-verify=true
+-${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit \
++${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} \
+ --gpg-homedir=${TEST_GPG_KEYHOME} --gpg-sign=${TEST_GPG_KEYID_1} -b main \
+ -s "A signed commit" --tree=ref=main
+ ${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
+diff --git a/tests/test-pull-bareuseronly.sh b/tests/test-pull-bareuseronly.sh
+new file mode 100755
+index 0000000..f5c06c4
+--- /dev/null
++++ b/tests/test-pull-bareuseronly.sh
+@@ -0,0 +1,28 @@
++#!/bin/bash
++#
++# Copyright (C) 2017 Colin Walters <walters@verbum.org>
++#
++# This library is free software; you can redistribute it and/or
++# modify it under the terms of the GNU Lesser General Public
++# License as published by the Free Software Foundation; either
++# version 2 of the License, or (at your option) any later version.
++#
++# This library is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++# Lesser General Public License for more details.
++#
++# You should have received a copy of the GNU Lesser General Public
++# License along with this library; if not, write to the
++# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
++# Boston, MA 02111-1307, USA.
++
++set -euo pipefail
++
++. $(dirname $0)/libtest.sh
++
++skip_without_user_xattrs
++setup_fake_remote_repo1 "archive" "--canonical-permissions"
++
++repo_mode=bare-user-only
++. ${test_srcdir}/pull-test.sh
+dist/Add-missing-test-libglnx-shutil.patch
2017.13/lib-pull-Fix-regression-with-pull-local-for-nonexistent-r.patch
2017.13/lib-repo-commit-Import-detached-metadata-even-if-hardlink.patch
-dist/Add-missing-test-libglnx-shutil.patch
+2017.13/lib-core-Init-struct-stat-buffer.patch
+2017.13/lib-sysroot-Fix-pointer-going-out-of-scope-in-unlock-code.patch
+2017.13/lib-deploy-Ignore-FIFREEZE-FITHAW-errors-when-already-in-.patch
+2017.13/lib-deploy-Use-_exit-for-FIFREEZE-watchdog.patch
+2017.13/lib-deltas-Check-cancellable-during-processing.patch
+2017.13/lib-utils-Check-for-invalid-UTF-8-in-filenames.patch
+2017.13/Cope-with-xattr-syscalls-raising-EOPNOTSUPP.patch
+2017.13/lib-sysroot-Fix-error-handling-when-mounting-overlayfs-fa.patch
+2017.13/tests-Add-test-pull-bareuseronly.patch
+2017.13/lib-repo-Properly-handle-NULL-homedir-when-signing-commit.patch
+2017.13/lib-repo-Fix-loading-commitstate-with-parent-repos.patch
projects / ostree.git / commitdiff