Simon McVittie [Sat, 8 Jun 2024 15:05:25 +0000 (16:05 +0100)]
New upstream version 2024.6
Joseph Marrero [Thu, 16 May 2024 20:31:51 +0000 (16:31 -0400)]
Release 2024.6
Colin Walters [Thu, 16 May 2024 16:32:40 +0000 (12:32 -0400)]
Merge pull request #3245 from cgwalters/doc-offline-deltas
docs: Describe offline updates with static deltas
Colin Walters [Thu, 16 May 2024 16:00:35 +0000 (12:00 -0400)]
docs: Describe offline updates with static deltas
This one isn't immediately obvious that it's possible.
Signed-off-by: Colin Walters <walters@verbum.org>
Joseph Marrero Corchado [Wed, 15 May 2024 17:15:05 +0000 (13:15 -0400)]
Merge pull request #3244 from alexlarsson/fix-fsverity-supported
Fix _ostree_ensure_fsverity reporting of supports in early exit
Dan Nicholson [Wed, 15 May 2024 16:11:40 +0000 (10:11 -0600)]
Merge pull request #3243 from cgwalters/loaded_ts_fix
sysroot: Handle `/ostree/deploy` having epoch 0
Alexander Larsson [Wed, 15 May 2024 15:31:09 +0000 (17:31 +0200)]
Fix _ostree_ensure_fsverity reporting of supports in early exit
If supported_out is passed to _ostree_ensure_fsverity and we
successfully exit early, for example because the file is a symlink, then
*supported_out is not initialized.
This is problematic in the case of ostree_sysroot_update_post_copy(),
because it passes in an uninitialized supported, and on successfull
return of _ostree_ensure_fsverity() it assumes that it is iniialized.
In case supported happened to be initialized to non-zero it will take
this branch:
if (!supported)
break; /* If not supported, skip rest */
Which means *all* further objects will not get fs-verity enabled.
Colin Walters [Wed, 15 May 2024 13:41:35 +0000 (09:41 -0400)]
sysroot: Handle `/ostree/deploy` having epoch 0
Ironically we break if the timestamp there is zero.
Closes: https://github.com/ostreedev/ostree/issues/3022
Signed-off-by: Colin Walters <walters@verbum.org>
Joseph Marrero Corchado [Sat, 4 May 2024 01:34:25 +0000 (21:34 -0400)]
Merge pull request #3234 from jmarrero/state-root
ostree-sysroot-deploy: check if deployments are in the same stateroot.
Joseph Marrero Corchado [Tue, 30 Apr 2024 15:51:48 +0000 (11:51 -0400)]
ostree-sysroot-deploy: check if deployments are in the same stateroot.
Jonathan Lebon [Fri, 3 May 2024 18:38:30 +0000 (14:38 -0400)]
Merge pull request #3238 from cgwalters/force-container-env
Colin Walters [Thu, 2 May 2024 18:18:10 +0000 (14:18 -0400)]
ci: Also skip if we detect /run/.containerenv
Colin Walters [Thu, 2 May 2024 13:35:55 +0000 (09:35 -0400)]
Merge pull request #3236 from cgwalters/clang-format
ci: Only run clang-format on ubuntu-stable GH runner
Colin Walters [Thu, 2 May 2024 00:32:33 +0000 (20:32 -0400)]
ci: Only run clang-format on ubuntu-stable GH runner
Previously we were running clang-format across multiple operating
system versions and hence clang versions, and it turns out
clang has changed the preferred formatting multiple times.
We could *probably* dig in and try to pin things more strongly
but eh...for now let's arbitrarily just use whatever's in
the default GH Action ubuntu-latest runner as that should
be equally painful for everyone.
Signed-off-by: Colin Walters <walters@verbum.org>
Colin Walters [Thu, 2 May 2024 00:24:36 +0000 (20:24 -0400)]
Merge pull request #3232 from ericcurtin/aboot-bootloader
docs: More accurate diagram in bootloaders documentation for aboot
Colin Walters [Thu, 2 May 2024 00:23:59 +0000 (20:23 -0400)]
Merge pull request #3233 from dbnicholson/sync-summary-times
Sync summary times
Dan Nicholson [Thu, 25 Apr 2024 03:37:13 +0000 (21:37 -0600)]
repo: Make summary and signature mtime match
HTTP servers derive Last-Modified from the modification time of the
file. When used in combination with a Cache-Control max-age value,
having the modification times match means that caches will consider them
expired at the same time. This helps make it more likely that clients
won't receive a cached summary and fresh signature or vice versa.
This makes more sense to do now that the summary and signature are
created in a temporary directory and renamed into place. In the old days
where they were created directly in the repo root, it would be strange
to change the summary mtime when it wasn't actually modified.
Dan Nicholson [Thu, 25 Apr 2024 03:51:19 +0000 (21:51 -0600)]
tests: Correctly skip single fsverity test
The skip shell function is for skipping an entire test plan. To skip a
single test result, a directive is needed[1]. Without this change, the
test suite errors claiming that 2 test plans were provided when fsverity
isn't available.
1. https://testanything.org/tap-specification.html#skipping-tests
Eric Curtin [Wed, 24 Apr 2024 15:15:17 +0000 (16:15 +0100)]
docs: Fix spelling and grammer
Make Android bootloader section clearer.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Eric Curtin [Wed, 24 Apr 2024 14:47:13 +0000 (15:47 +0100)]
docs: More accurate diagram in bootloaders documentation for aboot
The android bootloader is also split into two partitions, previously
that wasn't represented in the diagram.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Eric Curtin [Mon, 15 Apr 2024 19:48:09 +0000 (20:48 +0100)]
Merge pull request #3231 from alexlarsson/fix-aboot-non-ab
prepare-root: Handle non-AB aboot properly
Alexander Larsson [Mon, 15 Apr 2024 18:09:34 +0000 (20:09 +0200)]
prepare-root: Handle non-AB aboot properly
otcore_get_ostree_target() should set is_aboot for android boot
systems, but currently it only does this on A/B boot systems, not
single-boot-partition systems. Fix this by setting it in the second
case.
Colin Walters [Fri, 12 Apr 2024 23:56:35 +0000 (19:56 -0400)]
Merge pull request #3230 from cgwalters/initfs-epoch-2
init-fs: Add --epoch=2
Colin Walters [Fri, 12 Apr 2024 21:48:22 +0000 (17:48 -0400)]
Merge pull request #3108 from cgwalters/use-external-composefs
Switch to external composefs
Colin Walters [Thu, 15 Feb 2024 15:15:26 +0000 (10:15 -0500)]
Switch to external composefs
Since there's now a stable shared library, let's use it.
Colin Walters [Sun, 3 Dec 2023 20:24:52 +0000 (15:24 -0500)]
ci: Drop `SKIP_INSTALLDEPS=1`
Right now there's skew where we don't have composefs-devel
in the buildroot. In general this optimization isn't worth it.
Colin Walters [Thu, 15 Feb 2024 15:31:26 +0000 (10:31 -0500)]
tests: Skip composefs tests without the feature
Previously this was masked by us shipping composefs vendored.
Colin Walters [Fri, 12 Apr 2024 20:10:36 +0000 (16:10 -0400)]
init-fs: Add --epoch=2
We want to start switching things so that the toplevel `/ostree`
repository is mode 0700, to close off unprivileged code
from being able to access it. Previous deployment roots
may have setuid binaries, etc. The `/var/lib/containers/storage`
directory is mode 0700 for this reason I believe.
Closes: https://github.com/ostreedev/ostree/issues/3211
Colin Walters [Fri, 12 Apr 2024 18:00:27 +0000 (14:00 -0400)]
Merge pull request #3229 from cgwalters/init-deploy-0700
init-fs: Add --epoch
Colin Walters [Fri, 12 Apr 2024 12:56:13 +0000 (08:56 -0400)]
init-fs: Add --epoch
I want to add another variant here, and `--modern` is now old. Let's
acknowledge that we may want to make even more changes in the
future. So `--modern == --epoch=1` but I will add `--epoch=2` after
this.
Colin Walters [Mon, 8 Apr 2024 16:40:03 +0000 (12:40 -0400)]
Merge pull request #3227 from alexlarsson/fix-fsverity-error-check
_ostree_ensure_fsverity: Properly check for errors
Alexander Larsson [Mon, 8 Apr 2024 15:05:23 +0000 (17:05 +0200)]
_ostree_ensure_fsverity: Properly check for errors
If fs_verity_wanted == _OSTREE_FEATURE_YES we should fail if
!suported, but we were checking !supported where supported is a
pointer, not a boolean. This caused us to miss errors when the kernel
didn't support fs-verity that lead to lots of debugging.
Colin Walters [Sat, 30 Mar 2024 13:40:17 +0000 (09:40 -0400)]
Merge pull request #3226 from ericcurtin/rm-rhivos
README & docs: Remove "RHIVOS" acronym
Eric Curtin [Sat, 30 Mar 2024 13:15:34 +0000 (13:15 +0000)]
README & docs: Remove "RHIVOS" acronym
Remove the unofficial acronym RHIVOS from both the README and docs
files. The acronym is associated with Red Hat In-Vehicle Operating
System but isn't officially recognized.
Co-Authored-By: Felicia Kleinfelt <fkleinfe@redhat.com>
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Simon McVittie [Sun, 24 Mar 2024 14:12:10 +0000 (14:12 +0000)]
New upstream version 2024.5
Colin Walters [Thu, 21 Mar 2024 17:57:45 +0000 (13:57 -0400)]
Merge pull request #3220 from jlebon/pr/on-failure-isolate
ostree-prepare-root.service: add OnFailureJobMode=isolate
Jonathan Lebon [Thu, 21 Mar 2024 16:19:32 +0000 (12:19 -0400)]
ostree-prepare-root.service: add OnFailureJobMode=isolate
This is stronger than the default (`replace`) because it tells systemd
to *stop everything* and go to `emergency.target`. In other codebases,
this has definitely helped me with the problem of "systemd keeps going
even after a failure".
Likely addresses #3219.
See also e.g. https://github.com/coreos/ignition-dracut/commit/
3d2e165f97f30c1e62577357f27f32e60e6add18.
Colin Walters [Tue, 19 Mar 2024 16:28:54 +0000 (12:28 -0400)]
Merge pull request #3218 from cgwalters/policy-allow-none
sepolicy: Add missing `(nullable)`
Joseph Marrero Corchado [Tue, 19 Mar 2024 14:48:43 +0000 (10:48 -0400)]
Merge pull request #3216 from cgwalters/mirrorlist-retries
curl: Also map HTTP errors for retries
Colin Walters [Tue, 19 Mar 2024 00:38:19 +0000 (20:38 -0400)]
sepolicy: Add missing `(nullable)`
This can return NULL if there's no real policy.
Now obviously we need to update the Rust bindings too but...
I am having trouble doing that, we're pretty out of date with
upstream.
Colin Walters [Fri, 15 Mar 2024 22:41:02 +0000 (18:41 -0400)]
curl: Also map HTTP errors for retries
When we added the retry logic, the intention here was definitely
to do it not just for network errors but also e.g. HTTP 500s and
the like.
xref https://pagure.io/releng/issue/11439
where we rather painfully debugged that this was missing.
Colin Walters [Thu, 14 Mar 2024 15:26:35 +0000 (11:26 -0400)]
Merge pull request #3215 from cgwalters/release
Release 2024.5
Colin Walters [Thu, 14 Mar 2024 13:47:14 +0000 (09:47 -0400)]
configure: post-release version bump
Colin Walters [Thu, 14 Mar 2024 13:46:17 +0000 (09:46 -0400)]
Release 2024.5
Colin Walters [Wed, 13 Mar 2024 20:05:23 +0000 (16:05 -0400)]
Merge pull request #3214 from cgwalters/checkout-overwrite-force
checkout: Always replace existing content with overlay mode
Colin Walters [Wed, 13 Mar 2024 16:50:28 +0000 (12:50 -0400)]
checkout: Always replace existing content in overlay mode
The combination of the "honor whiteout" and "union" flags
are intended to basically be "merge trees like overlayfs does".
But we were missing this case in order to support e.g. replacing
a symlink with a directory.
Jonathan Lebon [Wed, 13 Mar 2024 17:24:27 +0000 (13:24 -0400)]
Merge pull request #3213 from rborn-tx/fix-early-prune
Rogerio Guerra Borin [Tue, 12 Mar 2024 20:02:58 +0000 (17:02 -0300)]
deploy: Ensure boot directory is open before accessing it
This fixes a bug in the (early) deployment pruning function which before
tried to access the boot directory without opening it first.
Signed-off-by: Rogerio Guerra Borin <rogerio.borin@toradex.com>
Huijing Hei [Mon, 11 Mar 2024 01:59:43 +0000 (09:59 +0800)]
Merge pull request #3208 from HuijingHei/split-whitespace
kargs: parse spaces in kargs input and keep quotes
HuijingHei [Mon, 4 Mar 2024 02:44:42 +0000 (10:44 +0800)]
kargs: parse spaces in kargs input and keep quotes
According to Jonathan's suggestion, should fix the code from
ostree repo.
With this patch:
- kargs input like "init_on_alloc=1 init_on_free=1", will be
parsed as 2 seperated args `init_on_alloc=1` and `init_on_free=1`,
instead of whole;
- According to https://www.kernel.org/doc/html/v4.14/admin-guide/kernel-parameters.html,
need to keep spaces in double-quotes, like `param="spaces in here"`
will be parsed as whole instead of 3.
Fixes https://github.com/coreos/rpm-ostree/issues/4821
Eric Curtin [Thu, 7 Mar 2024 10:53:56 +0000 (10:53 +0000)]
Merge pull request #3206 from cgwalters/enable-new-naming
sysroot: Turn on bootloader-naming-2 by default
Simon McVittie [Thu, 7 Mar 2024 10:19:59 +0000 (10:19 +0000)]
New upstream version 2024.4
Colin Walters [Wed, 28 Feb 2024 14:40:34 +0000 (09:40 -0500)]
sysroot: Turn on bootloader-naming-2 by default
I think it's about time we flipped this on by default;
like the bootprefix I was a bit too chicken. We still have
a `bootloader-naming-1` that can be flipped on in case of
some regression.
Closes: https://github.com/ostreedev/ostree/issues/2961
Colin Walters [Tue, 27 Feb 2024 21:00:29 +0000 (16:00 -0500)]
Merge pull request #3205 from cgwalters/fix-grub-probing
bootloader/grub2: Don't do anything if we have static configs
Colin Walters [Tue, 27 Feb 2024 18:14:16 +0000 (13:14 -0500)]
bootloader/grub2: Don't do anything if we have static configs
This builds on top of https://github.com/coreos/bootupd/pull/609/commits/
fa9924e4fe403c3751392c041cd98614a2cc3611
(But in a very hacky way because we don't currently link to a JSON library)
Basically, bootupd supports injecting static configs, and this
is the currently least hacky way for us to detect this and understand
that we shouldn't try to run `grub2-mkconfig`.
A further patch I'd like to do here is also change the probing
logic to gracefully no-op if `grub2-mkconfig` doesn't exist,
but that has a bit more risk and involvement.
Colin Walters [Tue, 27 Feb 2024 18:03:45 +0000 (13:03 -0500)]
Merge pull request #3204 from cgwalters/quiet-config-load
otcore: Drop config load print
Colin Walters [Tue, 27 Feb 2024 17:24:35 +0000 (12:24 -0500)]
Merge pull request #3203 from dbnicholson/version-sigpipe
main: Ignore SIGPIPE when printing version
Colin Walters [Tue, 27 Feb 2024 15:59:02 +0000 (10:59 -0500)]
otcore: Drop config load print
Now that we're using `otcore_load_config` from the deploy
path we end up printing to stdout even for API callers (e.g.
our own CLI tools, and rpm-ostree/bootc/etc) which is wrong.
We don't need this print, so just drop it.
Dan Nicholson [Tue, 27 Feb 2024 15:41:46 +0000 (08:41 -0700)]
main: Ignore SIGPIPE when printing version
In order to do a runtime feature check, `ostree --version` can be piped
to `grep` or similar. However, if the read end of the pipe doesn't read
all of the output, `ostree` will receive `SIGPIPE` when trying to write
output. Ignore it so that `ostree` still exits successfully in that
case.
Colin Walters [Sun, 25 Feb 2024 15:45:12 +0000 (10:45 -0500)]
Merge pull request #3196 from cgwalters/fix-sepolicy-public
sepolicy: Fix publicity mismatch for ostree_sepolicy_host_enabled
Timothée Ravier [Sat, 24 Feb 2024 15:45:37 +0000 (16:45 +0100)]
Merge pull request #3199 from travier/docs-fix
docs: Move SPDX identifiers under first title
Timothée Ravier [Sat, 24 Feb 2024 15:37:48 +0000 (16:37 +0100)]
docs: Cleanup title for historical OSTree README
Timothée Ravier [Sat, 24 Feb 2024 15:36:23 +0000 (16:36 +0100)]
docs: Move SPDX identifiers under first title
Having a comment right before the first title apparently confuses
Jekyll.
Fixes: https://github.com/ostreedev/ostree/pull/3185
Colin Walters [Fri, 23 Feb 2024 21:21:11 +0000 (16:21 -0500)]
Merge pull request #3197 from cgwalters/release
Release 2024.4
Colin Walters [Fri, 23 Feb 2024 18:02:42 +0000 (13:02 -0500)]
sepolicy: Fix publicity mismatch for ostree_sepolicy_host_enabled
As this is only used by internal code, just drop the `_OSTREE_PUBLIC`
marker for now. If we have a reason to export it we can do that
later.
Closes: https://github.com/ostreedev/ostree/issues/3182
Colin Walters [Fri, 23 Feb 2024 18:45:37 +0000 (13:45 -0500)]
Post-release version bump
Colin Walters [Fri, 23 Feb 2024 18:45:21 +0000 (13:45 -0500)]
Release 2024.4
Jonathan Lebon [Fri, 23 Feb 2024 16:30:00 +0000 (11:30 -0500)]
Merge pull request #3195 from ericcurtin/pr3192_comments
Eric Curtin [Thu, 22 Feb 2024 18:15:09 +0000 (18:15 +0000)]
sysroot: Reword comment and use gboolean over bool, error handling
Be more explicit in the comment, and use gboolean over bool. Less header
inclusions when we use gboolean. Although bool is used in some places.
Write a separate _ostree_sysroot_parse_bootlink_aboot function for
aboot. Make is_aboot optional. Handle invalid androidboot karg and no
ostree and androidboot kargs differently.
Co-authored-by: Jonathan Lebon <jonathan@jlebon.com>
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Eric Curtin [Thu, 22 Feb 2024 17:06:19 +0000 (17:06 +0000)]
Merge pull request #3192 from ericcurtin/ostree-impl-system-generator-aboot
generator: Fixes for Android Boot environment
Joseph Marrero Corchado [Thu, 22 Feb 2024 16:25:41 +0000 (11:25 -0500)]
Merge pull request #3194 from alexlarsson/composefs-no-hotfix
prepare-root: Disallow hotfixes if using signed composefs images
Huijing Hei [Thu, 22 Feb 2024 13:44:57 +0000 (21:44 +0800)]
Merge pull request #3185 from travier/main-docs-spdx-fixes
Docs fixes & SPDX identifiers uniformisation
Alexander Larsson [Thu, 22 Feb 2024 11:10:41 +0000 (12:10 +0100)]
prepare-root: Disallow hotfixes if using signed composefs images
As mentioned in https://github.com/ostreedev/ostree/issues/3187, we
can't allow a hotfix overlay of /usr when using signed composefs
images as that would allow an attacker to persist something used
across boots.
Eric Curtin [Wed, 21 Feb 2024 16:02:08 +0000 (16:02 +0000)]
generator: Fixes for Android Boot environment
In Android Boot environment we do not parse ostree= karg to determine
what directory to boot into, alternatively we do this based on the
androidboot.slot_suffix= karg. But we do set ostree=true karg to denote
that we are indeed booting an ostree environment (required for some
systemd unit files). This change accounts for this approach in the
systemd generator. In this case androidboot.slot_suffix= points you to
/ostree/root.[a|b] and then that points you to the directory to boot
into in /ostree/deploy... Here is what a cmdline may look like in this
type of environment:
androidboot.slot_suffix=_a androidboot.bootdevice=*.ufshc root=PARTLABEL=system_a root=UUID=
76a22bf4-f153-4541-b6c7-
0332c0dfaeac rw ostree=true loglevel=4 acpi=off console=ttyAMA0 systemd.show_status=auto libahci.ignore_sss=1 slub_debug=FPZ fsck.mode=skip rcupdate.rcu_normal_after_boot=0 rcupdate.rcu_expedited=1
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Joseph Marrero Corchado [Wed, 21 Feb 2024 12:53:32 +0000 (07:53 -0500)]
Merge pull request #3186 from rborn-tx/amend-ms-shared-comment
ostree-prepare-root: Amend comment about shared mounts
Eric Curtin [Wed, 21 Feb 2024 12:34:09 +0000 (12:34 +0000)]
Merge pull request #3189 from alexlarsson/composefs-config-with-no-key
deploy: Don't fail if loading composefs configuration fails due to mi…
Alexander Larsson [Wed, 21 Feb 2024 09:16:31 +0000 (10:16 +0100)]
deploy: Don't fail if loading composefs configuration fails due to missing keys
When we load the configuration during deploy we don't need to actually
use the keys, so avoid loading them. This fixes an issue we had where
this broke the initial deploy becasue of a failure to load the key. In
our case it fails because the code looks for the config file in the
deploy dir, but then for the binding key in the real root.
However, even if it were to look for the key in the deploy dir I don't
think it necessarily has to be in the rootfs, it could be only in the
initrd.
This fixes https://github.com/ostreedev/ostree/issues/3188
Jonathan Lebon [Wed, 21 Feb 2024 03:29:56 +0000 (22:29 -0500)]
Merge pull request #3184 from smcv/issue3183
Rogerio Guerra Borin [Tue, 20 Feb 2024 17:50:35 +0000 (14:50 -0300)]
ostree-prepare-root: Amend comment about shared mounts
Signed-off-by: Rogerio Guerra Borin <rogerio.borin@toradex.com>
Timothée Ravier [Tue, 20 Feb 2024 16:08:24 +0000 (17:08 +0100)]
README & docs: Sync README and docs index page
Timothée Ravier [Tue, 20 Feb 2024 16:04:44 +0000 (17:04 +0100)]
docs: Misc whitespace fixes
Timothée Ravier [Tue, 20 Feb 2024 16:04:01 +0000 (17:04 +0100)]
docs: Consistently use SPDX identifiers
Standardize on a single SPDX identifier in a comment at the top.
Simon McVittie [Mon, 19 Feb 2024 13:04:14 +0000 (13:04 +0000)]
test-admin-deploy-var: Don't rely on OSTREE_FEATURES
This is set during build-time testing, but unset during "as-installed"
tests.
Resolves: https://github.com/ostreedev/ostree/issues/3183
Signed-off-by: Simon McVittie <smcv@debian.org>
Simon McVittie [Mon, 19 Feb 2024 16:07:13 +0000 (16:07 +0000)]
tests: Use skip_without_ostree_feature to detect libarchive, composefs
This avoids false negatives from `ostree --version | grep -q ...`
exiting with failure under `set -o pipefail` because `grep -q` can exit
as soon as it sees the desired string, leaving `ostree --version` to be
terminated by `SIGPIPE` next time it writes to stdout.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Simon McVittie [Mon, 19 Feb 2024 15:57:51 +0000 (15:57 +0000)]
tests: Generalize has_gpgme, has_sign_ed25519 into has_ostree_feature
Signed-off-by: Simon McVittie <smcv@collabora.com>
Eric Curtin [Mon, 19 Feb 2024 14:37:37 +0000 (14:37 +0000)]
Merge pull request #3176 from travier/docs-dependabot-update
workflow/docs: Update to actions/checkout@v4 & dependabot: Update github-actions weekly
Colin Walters [Mon, 19 Feb 2024 14:36:58 +0000 (09:36 -0500)]
Merge pull request #3181 from ericcurtin/mention-rhivos
README: Add Red Hat In-Vehicle Operating System
Simon McVittie [Mon, 19 Feb 2024 12:07:03 +0000 (12:07 +0000)]
New upstream version 2024.3
Eric Curtin [Sat, 17 Feb 2024 17:12:19 +0000 (17:12 +0000)]
README: Add Red Hat In-Vehicle Operating System
RHIVOS is a derivative of CentOS Automotive Stream Distribution that
uses OSTree, it's closest Fedora derivative is Fedora IoT although it
was created as it's own distribution.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Colin Walters [Fri, 16 Feb 2024 17:10:09 +0000 (12:10 -0500)]
Merge pull request #3180 from teythoon/justus/long-key-ids
tests: Use long key IDs, I found another one
Colin Walters [Fri, 16 Feb 2024 16:12:03 +0000 (11:12 -0500)]
Merge pull request #3179 from ericcurtin/additional-docs-dependancy
docs: Add webrick dependancy for building site locally
Justus Winter [Fri, 16 Feb 2024 15:23:49 +0000 (16:23 +0100)]
tests: Use long key IDs
Short key IDs are not secure, and may be rejected by OpenPGP
implementations. See https://evil32.com/
Signed-off-by: Justus Winter <justus@sequoia-pgp.org>
Colin Walters [Fri, 16 Feb 2024 14:06:27 +0000 (09:06 -0500)]
Merge pull request #3178 from teythoon/justus/long-key-ids
tests: Use long key IDs
Eric Curtin [Fri, 16 Feb 2024 13:00:10 +0000 (13:00 +0000)]
docs: Add webrick dependancy for building site locally
This mimics the GitHub Pages environment so that you can build and serve
the site locally for testing. It requires webrick these days.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Justus Winter [Fri, 16 Feb 2024 12:33:21 +0000 (13:33 +0100)]
tests: Use long key IDs
Short key IDs are not secure, and may be rejected by OpenPGP
implementations. See https://evil32.com/
Signed-off-by: Justus Winter <justus@sequoia-pgp.org>
Timothée Ravier [Thu, 15 Feb 2024 15:20:33 +0000 (16:20 +0100)]
dependabot: Update github-actions weekly
Timothée Ravier [Thu, 15 Feb 2024 15:18:32 +0000 (16:18 +0100)]
workflow/docs: Update to actions/checkout@v4
Colin Walters [Thu, 15 Feb 2024 14:34:27 +0000 (09:34 -0500)]
Merge pull request #3175 from cgwalters/rofiles-fuse-statx
rofiles-fuse: Check fsverity flag for copyup
Colin Walters [Thu, 15 Feb 2024 13:07:40 +0000 (08:07 -0500)]
rofiles-fuse: Remove unused parameter
The logic simplified, so we don't need it anymore.
Colin Walters [Thu, 15 Feb 2024 01:33:17 +0000 (20:33 -0500)]
rofiles-fuse: Check fsverity flag for copyup
We need to do a copyup if fsverity is enabled.
Sadly to do this we can't just use ostree_break_hardlink
as is.
projects / ostree.git / log