From: Colin Walters <walters@verbum.org>
Date: Thu, 10 Mar 2022 21:46:53 +0000 (-0500)
Subject: tmpfiles: Create `/run/ostree`
X-Git-Tag: archive/raspbian/2022.4-1+rpi1^2~9^2~1^2~14^2
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=0d020a7145da488d4939975860569a5d8841aaab;p=ostree.git

tmpfiles: Create `/run/ostree`

This is referenced by https://github.com/ostreedev/ostree-rs-ext/blob/9645cee4f29786ba51ae9d62a52eeef9230146fd/lib/src/globals.rs#L16
specifically used for the (container image) pull secret in
`/run/ostree/auth.json`.

Let's pre-create the directory so users don't have to.

Motivated by https://github.com/openshift/machine-config-operator/pull/3007#discussion_r824172564
---

diff --git a/src/boot/ostree-tmpfiles.conf b/src/boot/ostree-tmpfiles.conf
index 4cbba0bd..69c2d3f3 100644
--- a/src/boot/ostree-tmpfiles.conf
+++ b/src/boot/ostree-tmpfiles.conf
@@ -13,5 +13,7 @@
 # You should have received a copy of the GNU Lesser General Public
 # License along with this library. If not, see <https://www.gnu.org/licenses/>.
 
+# ostree runtime configuration
+d /run/ostree 0755 root root -
 # https://github.com/ostreedev/ostree/issues/393
 R! /var/tmp/ostree-unlock-ovl.*
diff --git a/tests/inst/src/sysroot.rs b/tests/inst/src/sysroot.rs
index 301ef8b3..b10dbcd4 100644
--- a/tests/inst/src/sysroot.rs
+++ b/tests/inst/src/sysroot.rs
@@ -1,5 +1,8 @@
 //! Tests that mostly use the API and access the booted sysroot read-only.
 
+use std::os::unix::prelude::PermissionsExt;
+use std::path::Path;
+
 use anyhow::Result;
 use ostree_ext::prelude::*;
 use ostree_ext::{gio, ostree};
@@ -45,3 +48,13 @@ fn test_immutable_bit() -> Result<()> {
     cmd_has_output(sh_inline::bash_command!("lsattr -d /").unwrap(), "-i-")?;
     Ok(())
 }
+
+#[itest]
+fn test_tmpfiles() -> Result<()> {
+    if skip_non_ostree_host() {
+        return Ok(());
+    }
+    let metadata = Path::new("/run/ostree").metadata()?;
+    assert_eq!(metadata.permissions().mode() & !nix::libc::S_IFMT, 0o755);
+    Ok(())
+}