Simon McVittie [Thu, 26 Oct 2023 10:26:04 +0000 (11:26 +0100)]
Skip test-admin-deploy-uboot.sh on s390x
It fails on a porterbox. ostree hard-codes zipl to be used on s390x,
so it's reasonable that tests for other bootloaders might not work.
Bug: https://github.com/ostreedev/ostree/issues/3086
Forwarded: no
Gbp-Pq: Topic debian
Gbp-Pq: Name Skip-test-admin-deploy-uboot.sh-on-s390x.patch
Simon McVittie [Tue, 6 Dec 2022 10:59:33 +0000 (10:59 +0000)]
test-sysroot: Skip on s390x by default
This test regularly fails on the buildds, but I cannot reproduce the
failure on a porterbox.
Bug: https://github.com/ostreedev/ostree/issues/2527
Bug-Debian: https://bugs.debian.org/
1025532
Forwarded: not-needed
Gbp-Pq: Topic debian
Gbp-Pq: Name test-sysroot-Skip-on-s390x-by-default.patch
Simon McVittie [Mon, 30 Jul 2018 15:51:01 +0000 (16:51 +0100)]
Skip test-pull-repeated during CI
This test is expected to fail a small proportion of the time. During
the build of ostree 2018.7-1 in Debian, it seems we were unlucky on
s390x. Non-deterministic tests are also problematic for autopkgtest,
where they can gate migration of our dependencies like GLib, so skip
this test unless the caller has opted-in to non-deterministic tests.
It would be appropriate to enable this test in environments where
failures can easily be retried and are not disruptive to other
packages.
Signed-off-by: Simon McVittie <smcv@debian.org>
Gbp-Pq: Topic debian
Gbp-Pq: Name Skip-test-pull-repeated-during-CI.patch
Simon McVittie [Thu, 26 Dec 2024 17:05:43 +0000 (17:05 +0000)]
Release to unstable
Simon McVittie [Mon, 23 Dec 2024 10:05:23 +0000 (10:05 +0000)]
New upstream release
Simon McVittie [Mon, 23 Dec 2024 09:53:40 +0000 (09:53 +0000)]
Update upstream source from tag 'upstream/2024.10'
Update to upstream version '2024.10'
with Debian dir
bcbfca73aac7d6d1c8b452363bef7aaa9cc5175e
Simon McVittie [Mon, 23 Dec 2024 09:53:33 +0000 (09:53 +0000)]
New upstream version 2024.10
Simon McVittie [Mon, 23 Dec 2024 09:53:01 +0000 (09:53 +0000)]
Update changelog
Simon McVittie [Mon, 23 Dec 2024 09:51:49 +0000 (09:51 +0000)]
d/salsa-ci.yml: Use recommended recipe
Colin Walters [Thu, 19 Dec 2024 22:10:40 +0000 (17:10 -0500)]
Merge pull request #3361 from cgwalters/release
Release 2024.10
Colin Walters [Thu, 19 Dec 2024 21:23:48 +0000 (16:23 -0500)]
Merge pull request #3351 from cgwalters/fix-transient-root-doc
man: Note semantics combining `root.transient` with `composefs.enabled`
Colin Walters [Thu, 19 Dec 2024 20:11:29 +0000 (15:11 -0500)]
Post-release version bump
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 19 Dec 2024 20:09:45 +0000 (15:09 -0500)]
Release 2024.10
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Fri, 6 Dec 2024 19:57:19 +0000 (14:57 -0500)]
man: Note semantics combining `root.transient` with `composefs.enabled`
It's all quite confusing having to reason about both the pre-composefs
ostree and the composefs version. But hopefully soon we more firmly
leave behind that first legacy.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Tue, 17 Dec 2024 20:34:37 +0000 (15:34 -0500)]
Merge pull request #3353 from jlebon/pr/composefs-maybe
libostree/deploy: enable composefs by default
Colin Walters [Tue, 17 Dec 2024 19:59:00 +0000 (14:59 -0500)]
Merge pull request #3354 from ruihe774/cfs-verity
prepare-root: Add composefs.enabled=verity
Colin Walters [Tue, 17 Dec 2024 19:22:10 +0000 (14:22 -0500)]
Merge pull request #3348 from qiuzhiqian/main
rofiles-fuse: when fuse execution fails, rofiles-fuse still returns exit code 0
Colin Walters [Tue, 17 Dec 2024 19:21:53 +0000 (14:21 -0500)]
Merge pull request #3357 from ruihe774/validate-len
sign-
ed25519: Fix error message of validate_length
Jonathan Lebon [Sat, 14 Dec 2024 13:47:21 +0000 (08:47 -0500)]
lib/deploy: error out if composefs enabled but unsupported
If composefs was explicitly requested (`enabled = true`) but libostree
was not compiled with composefs support, error out at deploy time. This
matches the logic in `ostree-prepare-root`.
Jonathan Lebon [Sat, 14 Dec 2024 13:45:19 +0000 (08:45 -0500)]
libostree/deploy: enable composefs by default
The composefs libostree integration has been supported for a while now
and is actively in use in various ostree/bootc-based systems. Let's
turn it on by default.
This has no effect if composefs support is not compiled in. Note also
that this does not change the default value of the `composefs.enabled`
tristate to `true`. The default is still `maybe`, but the deploy API
will now also create composefs images for `maybe`.
The reason for doing it this way is so that systems upgrading from
old libostree versions (which may either not have composefs support or
may have composefs-related bugs) will still be able to upgrade and not
trip `ostree-prepare-root` in the new deployment (which allows missing
composefs images for `maybe`).
We may in the future change the default value to `true`.
See also: https://github.com/ostreedev/ostree/issues/2867
Colin Walters [Tue, 17 Dec 2024 16:39:49 +0000 (11:39 -0500)]
Merge pull request #3356 from cgwalters/fix-ci
Fix ci
Misaki Kasumi [Tue, 17 Dec 2024 01:58:48 +0000 (09:58 +0800)]
sign-
ed25519: Fix error message of validate_length
Misaki Kasumi [Mon, 16 Dec 2024 20:48:50 +0000 (04:48 +0800)]
sysroot-deploy: Require fsverity when composefs.enabled=verity
Misaki Kasumi [Mon, 16 Dec 2024 11:41:21 +0000 (19:41 +0800)]
prepare-root: Add composefs.enabled=verity
Colin Walters [Mon, 16 Dec 2024 17:03:03 +0000 (17:03 +0000)]
deny: Add Unicode-3.0
This is under e.g.
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
and is now used by the unicode-ident crate.
Colin Walters [Mon, 16 Dec 2024 16:56:57 +0000 (16:56 +0000)]
Switch to quay.io vs registry.ci
The old one was a mirror that seems to have finally
been decommissioned.
Colin Walters [Tue, 3 Dec 2024 16:20:33 +0000 (11:20 -0500)]
Merge pull request #3346 from cgwalters/commit-label-ordering
core: Always sort incoming xattrs
qiuzhiqian [Tue, 3 Dec 2024 12:33:48 +0000 (20:33 +0800)]
rofiles-fuse: Fixed the problem that when fuse execution fails, the command returns a status code of 0
testcase:
`$ sudo rofiles-fuse a b`
fuse: bad mount point `b': No such file or directory
`$ echo $?`
0
Colin Walters [Wed, 27 Nov 2024 02:15:23 +0000 (21:15 -0500)]
core: Always sort incoming xattrs
When recomputing selinux attrs during commit, we weren't sorting,
which could cause various issues like fsck failures.
This is a big hammer; change things so we always canonicalize
(i.e. sort) the incoming xattrs when creating a file header
and directory metadata.
I think almost all places in the code were already keeping
things sorted, but it's better to ensure correctness first.
If we ever have some performance issue (I'm doubtful) we
could add something like `_ostree_file_header_known_canonicalized`
or so.
Closes: https://github.com/ostreedev/ostree/issues/3343
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 14 Nov 2024 23:49:32 +0000 (16:49 -0700)]
Merge pull request #3340 from smcv/issue3339
composefs: Ensure buffer is suitably aligned for struct fsverity_digest
Simon McVittie [Thu, 14 Nov 2024 09:57:36 +0000 (09:57 +0000)]
composefs: Ensure buffer is suitably aligned for struct fsverity_digest
struct fsverity_digest starts with a __u16, so it will normally require
16-bit alignment, which is not guaranteed for a char array.
Resolves: https://github.com/ostreedev/ostree/issues/3339
Signed-off-by: Simon McVittie <smcv@debian.org>
Simon McVittie [Thu, 14 Nov 2024 10:12:31 +0000 (10:12 +0000)]
Try re-enabling tests during Salsa-CI
Colin Walters [Tue, 12 Nov 2024 15:47:29 +0000 (08:47 -0700)]
Merge pull request #3337 from dabukalam/patch-1
README: Update buildstream URL to new github repo
Danny Abukalam [Tue, 12 Nov 2024 14:27:15 +0000 (14:27 +0000)]
README: Update buildstream URL to new github repo
Simon McVittie [Tue, 12 Nov 2024 09:27:36 +0000 (09:27 +0000)]
Release to unstable
Simon McVittie [Mon, 11 Nov 2024 22:24:23 +0000 (22:24 +0000)]
Drop patch that was applied upstream
Simon McVittie [Mon, 11 Nov 2024 22:24:04 +0000 (22:24 +0000)]
New upstream release
Simon McVittie [Mon, 11 Nov 2024 22:17:03 +0000 (22:17 +0000)]
Update upstream source from tag 'upstream/2024.9'
Update to upstream version '2024.9'
with Debian dir
915aefc068b31787b88aa2e67a1cabba6afe8de9
Simon McVittie [Mon, 11 Nov 2024 22:16:52 +0000 (22:16 +0000)]
New upstream version 2024.9
John Eckersberg [Tue, 5 Nov 2024 14:41:27 +0000 (09:41 -0500)]
Merge pull request #3328 from cgwalters/release
Release 2024.9
Colin Walters [Tue, 29 Oct 2024 20:50:11 +0000 (16:50 -0400)]
Release 2024.9
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Tue, 29 Oct 2024 20:50:59 +0000 (16:50 -0400)]
configure: post-release version bump
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Mon, 4 Nov 2024 22:27:09 +0000 (17:27 -0500)]
Merge pull request #3334 from cgwalters/fix-composefs-default-docs
prepare-root: Fix composefs docs
Colin Walters [Mon, 4 Nov 2024 21:10:39 +0000 (16:10 -0500)]
Merge pull request #3331 from cgwalters/verity-no-verity
checkout: Only verify digest if repo requires fsverity
Colin Walters [Mon, 4 Nov 2024 19:28:13 +0000 (14:28 -0500)]
bootupd-static: Drop this test
It breaks due to https://bugzilla.redhat.com/show_bug.cgi?id=
2308594
Colin Walters [Mon, 4 Nov 2024 18:48:56 +0000 (13:48 -0500)]
prepare-root: Fix composefs docs
In practice in ostree-sysroot-deploy.c we only react to having
`composefs = yes`; the docs mention `maybe` but that never did
anything.
The value is wrong in the code too, but I'm not touching
that here to avoid conflating changes - the main thing to fix
is the docs because here `maybe == no`.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Wed, 30 Oct 2024 14:07:26 +0000 (10:07 -0400)]
checkout: Only verify digest if repo requires fsverity
Fixes a regression from the previous commit; in
the case where the target repo doesn't have composefs in
signed mode there's no reason to verify the digest
at checkout time because we aren't verifying it at
boot time either.
The regression is in cases that use rpm-ostree e.g.
where as of recently we unconditionally add the composefs
digest, but for e.g. FCOS we aren't deploying with fsverity
enabled.
Closes: https://github.com/ostreedev/ostree/issues/3330
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 31 Oct 2024 12:15:24 +0000 (08:15 -0400)]
Merge pull request #3333 from smcv/gpg-2-2-45
tests: Work around GPG 2.2.45 error behaviour when revoking an expired key
Simon McVittie [Thu, 31 Oct 2024 11:00:32 +0000 (11:00 +0000)]
Release to unstable
Simon McVittie [Thu, 31 Oct 2024 10:59:03 +0000 (10:59 +0000)]
Add proposed patch to work around a test failure with gnupg 2.2.45
Mitigates: #
1086140
Simon McVittie [Thu, 31 Oct 2024 10:54:13 +0000 (10:54 +0000)]
tests: Work around GPG 2.2.45 error behaviour when revoking an expired key
In GPG 2.2.45, a diagnostic message about the only trusted key having
already expired causes this import to produce exit status 2, but the
import still succeeds (the key is still revoked).
Bug: https://dev.gnupg.org/T7351
Bug-Debian: https://bugs.debian.org/
1086140
Colin Walters [Wed, 30 Oct 2024 18:37:59 +0000 (14:37 -0400)]
Merge pull request #3332 from cgwalters/fixups-for-fcos-composefs-default
tests: Skip checking for immutable bit on composefs
Colin Walters [Wed, 30 Oct 2024 17:00:35 +0000 (13:00 -0400)]
tests: Skip checking for immutable bit on composefs
Needed changing after FCOS switch.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Tue, 29 Oct 2024 19:09:59 +0000 (15:09 -0400)]
Merge pull request #3326 from cgwalters/hack-deploy-no-verity
deploy: Don't recompute verity checksums if not enabled
Colin Walters [Sun, 27 Oct 2024 14:20:29 +0000 (10:20 -0400)]
deploy: Don't recompute verity checksums if not enabled
This fixes a truly horrific performance bug when
composefs is enabled, but fsverity is not supported
by the filesystem. We'd fall back to doing *userspace*
checksumming of all files at deployment time which was absolutely
not expected or required.
There's really an immense amount of technical debt
here, such as the confusion between `ex-integity.composefs`
vs the prepare-root config, how we handle "torn" states
where some objects don't have verity enabled but some do,
etc.
The ostree composefs state has two modes:
- signed: We need to enforce fsverity
- unsigned: Best effort resilience
So we fix this by making the deploy path to make verity
"opportunistic" - if the ioctl gives us the data, then we
add it to the composefs.
However, this code path is also invoked when we're
computing the expected composefs digest to inject
as commit metadata, and *that* API must work regardless
of whether the target repo has fsverity enabled as
it may operate on a build server.
One lucky thing in all of this: When I went to add
the "checkout composefs" API I added a stub `GVariant`
for options extensibility, which we now use.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Mon, 21 Oct 2024 12:02:32 +0000 (08:02 -0400)]
Merge pull request #3323 from cgwalters/copydir-no-xattrs
deploy: Don't copy xattrs for devicetree
Colin Walters [Fri, 18 Oct 2024 12:41:05 +0000 (08:41 -0400)]
deploy: Don't copy xattrs for devicetree
xref: https://github.com/coreos/fedora-coreos-tracker/issues/1808
For the kernel/initramfs that we copy to `/boot`
we use an explicit relabeling today, ignoring the source SELinux
context.
When we added handling for devicetree it reuse the `copy_dir_recurse`
we have for `etc` handling, and that copied the source xattrs.
Let's ensure that the devicetree is also `boot_t` by *not* copying
xattrs and relying on the default labeling.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 10 Oct 2024 18:40:48 +0000 (14:40 -0400)]
Merge pull request #3316 from ruihe774/readonly-cmdline
prepare-root: allow `sysroot.readonly=true` with kernel cmdline `ro`
Dan Nicholson [Thu, 10 Oct 2024 15:33:29 +0000 (17:33 +0200)]
Merge pull request #3322 from cgwalters/tweak-commit-assertion
commit: Give a better error message for unhandled file type
Colin Walters [Thu, 10 Oct 2024 12:54:33 +0000 (12:54 +0000)]
commit: Give a better error message for unhandled file type
xref https://github.com/ostreedev/ostree/issues/3319
It'd be useful to know what file type is being hit here; I believe
this code path should be unreachable.
Misaki Kasumi [Thu, 10 Oct 2024 12:38:34 +0000 (20:38 +0800)]
prepare-root: allow sysroot.readonly=true with kernel cmdline ro
Eric Curtin [Wed, 2 Oct 2024 13:13:26 +0000 (14:13 +0100)]
Merge pull request #3317 from cgwalters/minor-overlay-tweaks
checkout: Add commentary around whiteout "quoting"
Colin Walters [Tue, 1 Oct 2024 21:07:17 +0000 (17:07 -0400)]
checkout: Add commentary around whiteout "quoting"
Signed-off-by: Colin Walters <walters@verbum.org>
Eric Curtin [Mon, 23 Sep 2024 21:13:30 +0000 (22:13 +0100)]
Merge pull request #3311 from cgwalters/curl-minor
curl: Add more assertions for curl return values
Eric Curtin [Mon, 23 Sep 2024 11:57:54 +0000 (12:57 +0100)]
Merge pull request #3313 from cgwalters/fix-readthedocs
rust-bindings: Fix readthedocs.io link
Colin Walters [Mon, 23 Sep 2024 09:34:49 +0000 (09:34 +0000)]
rust-bindings: Fix readthedocs.io link
It should now point at GH pages.
Closes: https://github.com/ostreedev/ostree/issues/3312
Signed-off-by: Colin Walters <walters@verbum.org>
Simon McVittie [Sat, 21 Sep 2024 17:49:33 +0000 (18:49 +0100)]
Release to unstable
Simon McVittie [Sat, 21 Sep 2024 17:46:41 +0000 (18:46 +0100)]
Drop patches that were included in the new upstream release
Simon McVittie [Sat, 21 Sep 2024 17:46:22 +0000 (18:46 +0100)]
New upstream release
Simon McVittie [Sat, 21 Sep 2024 17:43:45 +0000 (18:43 +0100)]
Update upstream source from tag 'upstream/2024.8'
Update to upstream version '2024.8'
with Debian dir
a7c80d40c3c07286d9d4b6d78311343442782e33
Simon McVittie [Sat, 21 Sep 2024 17:43:37 +0000 (18:43 +0100)]
New upstream version 2024.8
Colin Walters [Thu, 19 Sep 2024 18:29:20 +0000 (14:29 -0400)]
curl: Add more assertions for curl return values
Followup to the previous curl fixes; if we'd had an assertion
earlier debugging the failure would have been more obvious.
All of these are "should not fail" cases so asserting is
right.
Colin Walters [Thu, 19 Sep 2024 13:58:54 +0000 (09:58 -0400)]
Merge pull request #3309 from cgwalters/release
Release 2024.8
Colin Walters [Thu, 19 Sep 2024 12:00:41 +0000 (08:00 -0400)]
Post-release version bump
Colin Walters [Thu, 19 Sep 2024 11:52:27 +0000 (07:52 -0400)]
Release 2024.8
Simon McVittie [Thu, 19 Sep 2024 08:58:19 +0000 (09:58 +0100)]
Release to unstable
Simon McVittie [Thu, 19 Sep 2024 08:56:53 +0000 (09:56 +0100)]
Add patches from upstream to avoid libflatpak crash with curl 8.10.x
Closes: #1082121
Dan Nicholson [Thu, 19 Sep 2024 03:36:13 +0000 (21:36 -0600)]
Merge pull request #3307 from cgwalters/curl-reorder-teardown
curl: Make socket callback during cleanup into no-op
Colin Walters [Wed, 18 Sep 2024 22:34:08 +0000 (18:34 -0400)]
Merge pull request #3306 from cgwalters/curl-assert
curl: Assert that curl_multi_assign worked
Colin Walters [Wed, 18 Sep 2024 17:41:59 +0000 (13:41 -0400)]
curl: Make socket callback during cleanup into no-op
Because curl_multi_cleanup may invoke callbacks, we effectively have
some circular references going on here. See discussion in
https://github.com/curl/curl/issues/14860
Basically what we do is the socket callback libcurl may invoke into a no-op when
we detect we're finalizing. The data structures are owned by this object and
not by the callbacks, and will be destroyed below. Note that
e.g. g_hash_table_unref() may itself invoke callbacks, which is where
some data is cleaned up.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Wed, 18 Sep 2024 17:21:27 +0000 (13:21 -0400)]
curl: Assert that curl_multi_assign worked
ref https://github.com/ostreedev/ostree/issues/3299
This won't fix that issue, but *if* this assertion triggers
it should give us a better idea of the possible codepaths
where it is happening.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Sun, 15 Sep 2024 20:39:38 +0000 (16:39 -0400)]
Merge pull request #3305 from dbnicholson/pages-fixes
workflow/docs: Fix deployments
Dan Nicholson [Sun, 15 Sep 2024 19:59:36 +0000 (13:59 -0600)]
workflow/docs: Fix deployments
A couple fixes to make PRs and non-PRs work correctly:
* In a conditional expression, `true` or `false` are returned unless you
terminate both sides in a ternary. That was causing 2 strings to be
suffixed with `false` instead of an empty string.
* For a PR, we do actually want to cancel in progress runs since there's
no danger of breaking an in progress deployment.
* For PRs, just use the same `github-pages-pr` name for the artifact.
The important part is that it's not called `github-pages` where an in
progress deployment could pick it up. Otherwise it can use the same
name all the time.
Colin Walters [Sun, 15 Sep 2024 17:01:52 +0000 (13:01 -0400)]
Merge pull request #3300 from travier/main-static-config-null
bootloader/grub2: Handle empty static configs
Colin Walters [Sun, 15 Sep 2024 17:01:38 +0000 (13:01 -0400)]
Merge pull request #3302 from HuijingHei/fix-version
spec: %autorelease can't be resolved by COPR
Colin Walters [Sun, 15 Sep 2024 17:01:19 +0000 (13:01 -0400)]
Merge pull request #3304 from dbnicholson/pages-redux
Redo pages workflow
Dan Nicholson [Sun, 15 Sep 2024 16:12:16 +0000 (10:12 -0600)]
Redo pages workflow
HuijingHei [Fri, 13 Sep 2024 15:05:28 +0000 (23:05 +0800)]
spec: %autorelease can't be resolved by COPR
Fix copr build error:
`line 11: Possible unexpanded macro in: Release: %autorelease`
Timothée Ravier [Fri, 13 Sep 2024 17:14:43 +0000 (19:14 +0200)]
bootloader/grub2: Handle empty static configs
In #3205, we introduced a check to skip re-generating the GRUB config if
we detect that static configs are in used by looking at bootupd's state.
Unfortunately this check is incomplete and does not account for present
but null entries in the JSON state file.
A proper fix would be to parse the JSON but this requires a larger code
change.
Fixes: https://github.com/ostreedev/ostree/issues/3295
Fixes: https://github.com/ostreedev/ostree/pull/3205
Timothée Ravier [Fri, 13 Sep 2024 22:34:08 +0000 (00:34 +0200)]
Merge pull request #3301 from travier/main-github-artifact-v4
github/workflows/tests: Update actions/upload-artifact to v4
Timothée Ravier [Fri, 13 Sep 2024 17:28:47 +0000 (19:28 +0200)]
github/workflows/tests: Update actions/{upload,download}-artifact to v4
See: https://github.blog/changelog/2024-02-13-deprecation-notice-v1-and-v2-of-the-artifact-actions/
See: https://github.blog/news-insights/product-news/get-started-with-v4-of-github-actions-artifacts/
Signed-off-by: Colin Walters <walters@verbum.org>
Eric Curtin [Sat, 7 Sep 2024 00:30:25 +0000 (01:30 +0100)]
Merge pull request #3287 from cgwalters/fix-memleak
lib/traverse: Fix minor memory leak
Colin Walters [Fri, 6 Sep 2024 23:35:19 +0000 (19:35 -0400)]
Merge pull request #3292 from dbnicholson/var-slave-shared
switchroot: Stop making /sysroot mount private
Colin Walters [Tue, 20 Aug 2024 20:18:54 +0000 (16:18 -0400)]
lib/traverse: Fix minor memory leak
I was trying to check something with `-fsanitize=address`
and it warned about this memory leak. It's...subtle, basically
we were leaking when the same commit was added to the hash table.
But unfortunately fixing that then complicates ownership
over the return value; what we really want to use here is
`g_hash_table_steal_all_keys` but RHEL 9.4 is still rocking
`glib2-2.68.4` so we can't use it.
(Rust would mean we wouldn't have leaked anything here in the
first place...)
Signed-off-by: Colin Walters <walters@verbum.org>
Dan Nicholson [Fri, 30 Aug 2024 00:19:30 +0000 (18:19 -0600)]
switchroot: Stop making /sysroot mount private
Back in
2b8d586c5, /sysroot was changed to be a private mount so that
submounts of /var do not propagate back to the stateroot /var. That's
laudible, but it makes /sysroot different than every other shared mount
in the root namespace. In particular, it means that submounts of
/sysroot do not propagate into separate mount namespaces.
Rather than make /sysroot private, make /var a slave+shared mount so
that it receives mount events from /sysroot but not vice versa. That
achieves the same effect of preventing /var submount events from
propagating back to /sysroot while allowing /sysroot mount events to
propagate forward like every other system mount. See
mount_namespaces(7)[1] and the linux shared subtrees[2] documentation
for details on slave+shared mount propagation.
When /var is mounted in the initramfs, this is accomplished with
mount(2) syscalls. When /var is mounted after switching to the real
root, the mount propagation flags are applied as options in the
generated var.mount unit. This depends on a mount(8) feature that has
been present since util-linux 2.23. That's available in RHEL 7 and every
non-EOL Debian and Ubuntu release. Applying the propagation from
var.mount fixes a small race, too. Previously, if a /var submount was
added before /sysroot was made private, it would have propagated back
into /sysroot. That was possible since ostree-remount.service orders
itself after var.mount but not before any /var submounts.
1. https://man7.org/linux/man-pages/man7/mount_namespaces.7.html
2. https://docs.kernel.org/filesystems/sharedsubtree.html
Fixes: #2086
Dan Nicholson [Fri, 30 Aug 2024 11:53:10 +0000 (05:53 -0600)]
tests: Add mount propagation test
This tests the current behavior of making /sysroot a private mount so
that submounts on /var do not propagate back to /sysroot. It also shows
how submounts of /sysroot do not propagate into separate mount
namespaces for the same reason.
Simon McVittie [Fri, 6 Sep 2024 19:02:31 +0000 (20:02 +0100)]
Standards-Version: 4.7.0 (no changes required)
Simon McVittie [Fri, 6 Sep 2024 19:01:46 +0000 (20:01 +0100)]
d/copyright: Remove obsolete stanzas
Simon McVittie [Fri, 6 Sep 2024 17:16:42 +0000 (18:16 +0100)]
Release to unstable
Simon McVittie [Wed, 31 Aug 2022 08:44:06 +0000 (09:44 +0100)]
d/control, d/rules: Disable gjs-based tests on armel
It's looking as though mozjs128, and therefore the next gjs release,
will not support armel due to its lack of atomic instructions causing
relatively basic features to be disabled.
projects / ostree.git / log