projects / ostree.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0c0b6ce) | patch
init-fs: Add --epoch=2
authorColin Walters <walters@verbum.org>
Fri, 12 Apr 2024 20:10:36 +0000 (16:10 -0400)
committerColin Walters <walters@verbum.org>
Fri, 12 Apr 2024 20:10:36 +0000 (16:10 -0400)
commit74a3d2da9cc0a61f5f57aed765882765a5374d9e
treeb7b6826518e23e9c1d331c59cf76eca8966c4f67tree | snapshot
parent0c0b6cee61b4a3e98ffabfef858b40472930b917commit | diff
init-fs: Add --epoch=2

We want to start switching things so that the toplevel `/ostree`
repository is mode 0700, to close off unprivileged code
from being able to access it.  Previous deployment roots
may have setuid binaries, etc.  The `/var/lib/containers/storage`
directory is mode 0700 for this reason I believe.

Closes: https://github.com/ostreedev/ostree/issues/3211
man/ostree-admin-init-fs.xml diff | blob | history
src/ostree/ot-admin-builtin-init-fs.c diff | blob | history
tests/admin-test.sh diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.