Releases: coreos/rpm-ostree
2021.6
Client side
Any reboots initiated by rpm-ostree now opt in by default to respecting systemd reboot blocking inhibitors. For example, an administrator can now run `systemd-inhibit bash` on a login shell on a Fedora CoreOS system and know that zincati's attempt to reboot (via rpm-ostree) will be blocked until the shell exits.
PR: #2862
`rpm-ostree override replace` now supports directly replacing existing overrides.
PR: #2863
`rpm-ostree override replace` with Fedora Bodhi/Koji URLs now directly speaks XML-RPC to Koji instead of using a redirector service that was intended to be temporary (and is no longer accessible).
There is experimental support for `rpm-ostree deploy --ex-cliwrap=true`, which opts in to having rpm-ostree intercept some other command line tools such as `rpm`, `yum`/`dnf`, and `dracut`. Use `rpm-ostree ex apply-live` to apply the change live, and `rpm-ostree deploy --ex-cliwrap=false` to disable again.
Compose side
There is a new experimental `rpm-ostree ex-container` CLI that uses the new ostree-rs-ext code to bidirectionally map between ostree commits and containers.
The `/usr/sbin/sss_cache` binary is temporarily removed (if present) at build time to avoid a spam of errors from `sssd`.
Internals
Current rpm-ostree now compiles again on RHEL8.4.
libdnf is updated, and several fixes to the RPM `%_dbpath` handling were made to ensure that osbuild correctly generates an rpmdb in `/usr/share/rpm`.
The rojig code has been removed. On balance, the future direction of rpm-ostree will be more oriented towards the image side (particularly with containers). But it's possible that the idea of rojig (and some of the code) may come back too.
Many dependent crates were updated; most notably `openssl`, which now supports OpenSSL 3.0 as will be used soon by several distributions.
Colin Walters (40):
passwd: Make default perms 0644
Update to ostree-ext v0.1.2, add new `ex-container` command
Remove large chunks of rojig code
daemon: If we can't figure out auth rule, use override
Add support for `rpm-ostree deploy --ex-cliwrap=true`
importer: Remove rojig bits
core: Remove rojig bits
daemon/sysroot: Replace some rojig code with g_assert_not_reached()
origin: Remove rojig bits
rust/origin: Remove rojig bits
util: Remove rojig cache branch mapping functions
rust/treefile: Remove rojig spec writing
tree-wide: Remove (almost) all remaining rojig bits
rust: Port some bits to new ostree_ext::variant_utils
daemon: Make actually initiating reboot asynchronous
daemon: Remove support for session bus
importer: Remove traces of unprivileged import
Use new `ostree_commit_metadata_for_bootable()` API
daemon: Remove even more session bus code
Update to ostree-ext 0.1.3
daemon/isolation: Clean up failed units too
util: Fix missing error in decompose_sha256_nevra
rust/utils: Fix ordering of decompose_sha256_nevra
Drop use of koji redirector, use XML-RPC API
daemon: Die if /var/lib/rpm exists and is not a symlink
cliwrap: Add initial yum/dnf wrapper
core: Neuter /usr/sbin/sss_cache during compose/layering
origin: Switch baserefspec → refspec when de-layering
core: Add error prefixing when applying rpmfi overrides
test-installroot: Validate we don't have /var/lib/rpm
core: Fix comment and link to SSSD issue
docs: Minor admin-handbook tweaks
cliwrap/yumdnf: Indent rpm-ostree install info
cliwrap: Unify yum/dnf+rpm message about ostree
cliwrap/yumdnf: Remove duplicated print of IMAGEBASED
cliwrap/yumdnf: Fix up indentation
core: Move systemctl interception into Rust, fix wrapping only for scripts
rust: Fix misc clippy lints
builtin/tree: explicitly set _dbpath macro in global libdnf initialization
Release 2021.6
Jonathan Lebon (5):
man/rpm-ostree: Document `install --idempotent`
HACKING: Add section about using GDB with rpm-ostree
daemon/deploy: Handle resetting inactive replacement overrides by name
tests/kolainst: Copy to rpm-repos/ last
tests/kolainst: Add `make localinstall`
Kelvin Fan (1):
daemon: Respect systemd inhibitor locks
Luca BRUNO (18):
docs: update release step
importer: align /var/lib/rpm handling
packaging/spec: require rpm >= 4.16.0
packaging/spec: misc cleanups
lib: temporarily fork rpmver logic
lib/rpmver: replace tabs with spaces
packaging/spec: relax minimum librpm version
makefile/lib: filter out private sources from gir list
libdnf-sys/build: gracefully handle older gpgme versions
libdnf-sys/build: auto-enable zchunk if present
daemon/transaction: perform upfront null check on upgrader
app/clientlib: initialize bus_name
builtin/tree: inject _dbpath macro file in postprocessing step
libpriv/core: set _dbpath macro in dnf context
builtin/compose: move commit-id write logic to Rust
passwd: reduce the amount of log messages for new entries
composepost: minor cleanups and tests for dbpath macro injection
lockfile: bump openssl crate to latest version
Rafael G. Ruiz (1):
daemon/deploy: Allow replacing existing overrides without first resetting
Timothée Ravier (3):
*: rename master branch to main
*: rename master branch to main (external repos)
docs: Split pages into three main categories
v2021.5
This is mostly a bugfix release, with a few new user-facing features.
Client
Kernel arguments can now be updated in an idempotent fashion, via the new kargs flags `--append-if-missing` and `--delete-if-present`.
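One way to use the idempotent switches from a provisioning script, as an added example that is not from the rpm-ostree project. It also uses `--unchanged-exit-77` from this release's commit list, which makes `rpm-ostree kargs` exit with status 77 when nothing changed; `ensure_kargs` and the sample kernel arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not rpm-ostree project code. ensure_kargs is a hypothetical
# helper; the karg values in the usage comment are constructed samples.

# Command to run; overridable so the logic can be exercised against a stub.
RPM_OSTREE="${RPM_OSTREE:-rpm-ostree}"

# ensure_kargs WANTED... [-- UNWANTED...]
# Prints "changed" when a new deployment was staged, "unchanged" when the
# kernel command line already matched. Returns 1 if rpm-ostree failed and
# 2 if an argument was rejected.
ensure_kargs() {
    _ek_mode=append
    for _ek_arg in "$@"; do
        shift                       # drop the original argument ...
        if [ "$_ek_arg" = "--" ]; then
            _ek_mode=delete         # everything after "--" is to be removed
            continue
        fi
        case "$_ek_arg" in
            ""|-*)
                # Kernel arguments do not start with "-"; treat this as a
                # caller mistake (an option passed where a karg was expected).
                echo "ensure_kargs: rejected argument '$_ek_arg'" >&2
                return 2 ;;
        esac
        # ... and append the matching idempotent switch in its place.
        if [ "$_ek_mode" = append ]; then
            set -- "$@" "--append-if-missing=$_ek_arg"
        else
            set -- "$@" "--delete-if-present=$_ek_arg"
        fi
    done
    [ "$#" -gt 0 ] || { echo "ensure_kargs: nothing to do" >&2; return 2; }

    _ek_rc=0
    # rpm-ostree's own output goes to stderr so stdout carries only the verdict.
    "$RPM_OSTREE" kargs --unchanged-exit-77 "$@" >&2 || _ek_rc=$?
    case "$_ek_rc" in
        0)  echo changed ;;         # staged; takes effect on the next boot
        77) echo unchanged ;;       # already in the desired state
        *)  echo "ensure_kargs: rpm-ostree kargs exited $_ek_rc" >&2
            return 1 ;;
    esac
}

# Usage (constructed sample values):
#   state=$(ensure_kargs 'mitigations=auto,nosmt' -- 'mitigations=off') || exit 1
#   [ "$state" = changed ] && echo "reboot required"
```

Because an unchanged run reports "unchanged" instead of staging a new deployment, the script can run on every configuration pass and only schedule a reboot when the kernel command line actually differs.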
It is now possible to skip on-branch checks when deploying a specific revision by commit hash. This will be used by Zincati in Fedora CoreOS.
The Count Me feature from DNF is now fully disabled by default in all repo queries and will only be triggered by the corresponding `rpm-ostree-countme.timer` and `rpm-ostree-countme.service` units. See https://coreos.github.io/rpm-ostree/countme/ for details.
Compose
Among notable changes, the post-processing logic now understands the IMA extended attribute `user.ima`. When such an xattr is found, it is automatically translated to `security.ima` in the final OSTree content.
The treefile got a new `repo-packages` field. It can be used to pin a set of packages to a specific repository.
The legacy `unified-core` logic proceeds on its path to deprecation, with an increased artificial delay to encourage remaining consumers to migrate away.
Internals
Several cleanups of internal treefile handling were completed with the goal of having the client side use treefiles as well.
Special thanks to our first-time contributors Rafael G. Ruiz and Stefan Berger!
Benjamin Gilbert (1):
docs: fix "Edit this page on GitHub" links
Colin Walters (25):
compose: Pass treefile directly in rpmostree_context_new_tree()
Read treefile directly for `documentation` flag
Read treefile directly for `selinux` and `recommends` flags
compose: Remove unused helper functions
Read treefile directly for `releasever`
Move `ref` parsing into core
build-sys: Drop git.mk, hardcode .gitignore
core: Rename context_new_system() to context_new_client()
core: Rename context_new_tree() to context_new_compose()
build-sys: Avoid re-building + re-linking cxx-rs C++ bits each build
compose: Move repos/lockfile-repos validation to Rust
daemon: Always write `staged` JSON field
core: Remove cancellable/error from context creation APIs
core: Split off a method to set the treespec
Expose more from treefile via cxx-rs; adapt _install_langs to use it
bwrap: Fix selftest to be truly immutable
core: Fix tempetc guard to be no-op if /etc exists
Require ostree v2021.2, use ostree-ext crate
tests/compose: Bump pinned fcos commit
Fix bwrap usage for mutate-os-release
Add Rust tracing crate usage
compose: Bump timeout for non-unified-core to 10s
Add and use the `camino` library for UTF-8 paths
composepost: Fix race condition in timestamp checking
treefile: Minor cleanup of handle_repo_packages_overrides()
Dusty Mabe (1):
lib/package: Fix rpm version comparison
Jonathan Lebon (35):
.gitignore: add compose-{cache,logs} dirs
rust/passwd: Fix handling of `previous` mode
tests/compose: Change rpmdb test to check for sqlite
tests/compose: Adapt chrony autovar for newer FCOS
rust/main: Pass CLI args to command entrypoints
rust: Drop includes.rs
libpriv: Bridge print_treepkg_diff_from_sysroot_path()
rust/treefile: Fix minor comment typo
core: Add comment about SERVER_BASE commits
treefile: Add new `repo-packages` field for pinning packages to repos
tests/vmcheck/misc-2: Update error message to grep for
treefile: Fix rpmdb backend casing
app/deploy: Add --skip-branch-check
lockfile: Add missing serde(deny_unknown_fields)
lockfile: Allow `metadata` field in locked packages
Kelvin Fan (1):
app/clientlib: Don't error if update driver "stopped"
Luca BRUNO (12):
composepost: uniform results and visibility for cxxbridge
tests/compose: add more autovar testcases
postprocess: move /var tmpfiles.d translation logic to Rust
tests/compose: check symlinks injected into the rootfs
composepost: move rootfs symlinks creation to Rust
composepost: optimize disk roundtrips
composepost: expand unit test surface
composepost: fix fchmod flags for tmpdir (glibc compat)
composepost: move SELinux workaround logic to Rust
composepost: move rpmdb linking logic to Rust
tests/override-kernel: add f34 kernel
libpriv/importer: move path-checking logic to Rust
Rafael G. Ruiz (3):
kargs: add CLI switches --append-if-missing and --delete-if-present
kargs: Add CLI switch --unchanged-exit-77
kargs: Simplify conditional statements
Stefan Berger (1):
Support hardcoded user.ima to security.ima translation
Timothée Ravier (3):
countme: Force disable Count Me logic in DNF
daemon: Only update idle status every 10 seconds
countme: Drop SELinux workaround/unpriv copy of rpm-ostree
v2021.4
Core changes
This release picks up a security fix from libdnf for: https://bugzilla.redhat.com/show_bug.cgi?id=1932079 (CVE-2021-3445).
Our internal bindings for using bubblewrap (`/usr/bin/bwrap`) to run scripts (including e.g. RPM scripts) have been ported to Rust.
Client
The client now tells users to run `rpm-ostree cancel` if another transaction is in progress. Thanks to our new contributor Ukpai Ugochi for this patch!
The client now detects if it's inside a container and emits a clearer error message.
The documentation now describes how to disable the "DNF Count Me" functionality.
Compose
Lockfiles can now lock by source RPM version rather than binary RPM version. This may end up being used in Fedora CoreOS to further simplify RPM overrides.
Composed OSTree commits now include security advisories in the commit metadata. The goal is to make it cheaper to query this information in clients, as well as in downstream pipelines (and eventually re-use this information to semi-automatically generate release notes).
Correspondingly, `rpm-ostree db list` and `rpm-ostree db diff` have both learned the `--advisories` option.
Several improvements to the compose documentation were contributed by Alexander Wellbrock.
Oxidation continues
- Our internal bindings for using bubblewrap (`/usr/bin/bwrap`) to run scripts (including e.g. RPM scripts) have been ported to Rust.
- More code for `/etc/passwd` and `/etc/group` has been ported to Rust.
- Parts of the postprocessing code, e.g. bits to inject `OSTREE_VERSION` in `/usr/lib/os-release`, have been ported to Rust.
Alexander Wellbrock (5):
docs/compose: move container section to bottom
docs/compose: add a introductory section
docs/compose: add section on the granular approach
docs/compose: apply review; unify repo paths
Fix ambigous compose postprocess man entry
Colin Walters (36):
rust: Fix minor clippy warnings
ci: Add a Github Action for Rust lints
treefile: Add an allow(dead_code)
compose: Move mutate-os-release string code to Rust
compose: Move `remove-files` code to Rust
rust: Factor out an ostree-host crate
rust/ostree-host: Add SysrootExt trait
rust/ostree-host: Add README.md and license files
kernel: Avoid using bwrap child setup
postprocess: Migrate `mutate-os-release` to Rust
Cargo.lock: Bump openat
bwrap,scripts: Add and use cleaner APIs for standard descriptors
clientlib: Strip GDBus remote error before throwing exception
ci: Update to use new buildroot pod
Add a helper API to detect running in systemd
tests: Add infinite loop package to kolainst-build
rust: Use indoc crate
bwrap: Initial Rust stub
Rewrite bwrap code in Rust
bwrap: Create a RoFilesMount struct
bwrap: Clean up capability additions
bwrap: Clean up /sys ro binds
bwrap: Add more docstrings
compose: Fix leak of Rust treefile object
Migrate `depmod` helper to core.rs
rust: More usage of indoc
composeutil: Clarify which dev failed to create
postprocess: Move more code into Rust
ci/prow: Update to use new buildroot image
rust/client: Make status be a method
tests: Stop running test-lib-introspection.sh
Oxidize more of postprocess.cxx
client: Provide more useful error if we're in a container
core: Fix the "is_system" variable
treefile: Make all members pub(crate)
treefile: derive(Default)
Jonathan Lebon (15):
lockfile: Allow locking by source RPM EVR
lockfile: Make `packages` optional
RELEASE: Add step to update libdnf's deps
spec: Add more deps from libdnf
docs: Add page about the daemon interface
build(deps): bump cxx and cxx-build from 1.0.33 to 1.0.41
rust/treefile: Drop unnecessary semi-colons
daemon: Move advisory GVariant generation to libpriv
libpriv/util: Add g_variant_byteswap helpers
app/clientlib: Make function for printing advisories public
app/clientlib: Support printing advisories without padding
compose: Bake advisory information into commit metadata
app/db: Add `db list --advisories`
app/db: Add `db diff --advisories`
Release 2021.4
Luca BRUNO (5):
rust/treefile: tweak check-passwd/check-groups data
libpriv/passwd: move pre-commit validation hooks to Rust
passwd: optimize validation logic
libpriv/json-parsing: remove dead code
passwd: aling all bridge functions to return CxxResult
Stefan Berger (1):
libpriv: Remove unnecessary builder causing memory leak
Timothée Ravier (1):
docs: Update instructions to disable countme
Ukpai Ugochi (1):
Help text on error: Transaction in progress #2341
2021.3
rpm-ostree v2021.3
Client side improvements
A new `rpm-ostree-countme.timer` unit is introduced. This implements https://fedoraproject.org/wiki/Changes/DNF_Better_Counting so that rpm-ostree based host systems can be counted in the same way. There are plans to enable this by default for Fedora 34.
An additional flag `rpm-ostree install -A/--apply-live <packages>` stabilizes a subset of `rpm-ostree ex apply-live` to queue a change for the next boot and also apply that change live.
Update driver checking
For many systems, `rpm-ostree` is just a "backend" for OS updates being controlled by an external process. This was formalized a bit in the previous release with the addition of `--register-driver`. In addition to `rpm-ostree upgrade`, `deploy` and `rebase` will now also error out if an upgrade driver is registered; this check can be skipped with `--bypass-driver`.
Overall
Several new documentation pages:
As well as updates to the man pages and `README.md`.
Internals
Compared to 2020.8, the share of Rust code increased from ~10% to ~18%, and C/C++ decreased correspondingly from 88% to 79%. This is the result of new features that have been directly implemented in Rust, plus some existing core logic that has been ported over.
In particular, chunks of the compose side postprocessing, such as handling of `/etc/{passwd,group}`, have been almost completely ported to Rust, as well as the `apply-live` functionality. Instead, the new `countme` logic has been directly implemented in Rust.
More internal APIs for e.g. progress output and RPM diffing are exposed to Rust, which will make it much easier to port further code.
We dropped use of `cbindgen`, so we now use only one bridge API cxx.rs internally. Though glib-rs is heavily used as well.
Thanks to all contributors!
Timothée Ravier (7):
countme: Persist last timer trigger to handle system suspends
Install rpm-ostree sysusers config and countme units
rust: Relicense some GPL-2.0-or-later to Apache-2.0 OR MIT
Remove rpm-ostree sysusers config
countme: Refuse to run as root
rpm-ostree-countme.timer: Fix AccuracySec and add OnBootSec
Install a temporary copy of rpm-ostree for unprivileged use
Jonathan Lebon (11):
Finish moving lockfile to cxx.rs
app/override: Hint at `rpm-ostree override reset`
compose/extensions: Handle no --base-rev
lockfile: Allow specifying EVR rather than EVRA
lockfile: Drop ror_ prefix
lockfile: Return LockfileConfig rather than Vec<StringMapping>
Kelvin Fan (3):
app/dbus-helpers: Factor out updates driver-related functions
app/{deploy,rebase}: Do not deploy/rebase if updates driver registered
app/dbus-helpers: Don't error out if caller is updates driver
Luca BRUNO (9):
rust: add missing SPDX-License-Identifier tag
libpriv/passwd: move compose preparation to Rust
libpriv/passwd: remove unused functions
treefile: add getters for check-passwd and check-groups
libpriv/passwd: move UID/GID checker to Rust
cargo: sort dependencies
cargo: add maplit
rust/treefile: add support for check-passwd/groups data entries
passwd: minor cleanups
Colin Walters (78):
rust: Fix some misc clippy lints
rust: Quiet clippy Vec<Foo> arg
rust/extensions: Fix two clippy lints
rust/countme: Fix clippy lint by refactoring serialization
Add gobj_rewrap() API to pass glib-rs objects back to C++
ci: Add Prow e2e testing
daemon: Refactor deployment variant generation code
Add daemon.rs with one helper function, use it from C++
app: Rename livefs.cxx → apply-live.cxx
daemon: Rename transaction_livefs → transaction_apply_live
Add a C++ rpmdb-diff API wrapping the C one, bind in Rust
Fix progress API to have "output message" separate from task
apply-live: Move client-side finish to Rust
apply-live: Delete code to check for live commit post-txn
codestyle: Remove tabdamage.txt in OK case
rust: Add SPDX-License-Identifier and validate it in ci/codestyle.sh
lockfile: Be robust to non-seconds-since-epoch repodata
docs/HACKING.md: Various updates
daemon: Move some "deployment variant" generation to Rust
ci: Drop tests/vmcheck/image.qcow2, use COSA_DIR/.cosa
ostree_utils: Add a workaround for optional ref
apply-live: Rework to use refs to store state
docs/architecture-core.md: New file
daemon: Heap allocate GVariantDict to pass to Rust
daemon: Fix crash on upgrade with remote:checksum
client: Remove peer_pid value from option parsing
tests/vmcheck: Use .cosa over COSA_DIR
ex: Drop erroneous REQUIRES_ROOT flag on apply-live, initramfs-etc
tests/apply-live: Upgrade+liveapply no-package changes
cxxrsutil: Generalize cxxrs_bind! macro
tests: Add RPMs to installed kola tests, port layering-local
Introduce CxxGObjectArray, use in lockfile code
Remove cbindgen
app: Rename dbus-helpers to clientlib
app: Factor out a helper function to register as a client
Add basic Rust CLI bindings for DBus
Add more client Rust bindings, port apply-live builtin
apply-live: Fix --target option
man: Add docs for apply-live
design/package-layering.md: Remove
rust/client: Extend with more metadata for zincati
rust/client: Add a CliClient with agent ID, require for status
rust/client: Add methods to find/require booted deployment
rust/client: Add Deployment/get_base_commit() API
client: Add API to fetch base commit metadata
rust/client: derive(Debug, Clone)
daemon: Move a bit more deployment-variant code to Rust
live: Pass options GVariant down
live: Use a shared constant for option
live: Hold a single sysroot object
tests: Port apply-live to kola ext tests
live: Disallow replacement/removal by default, add --allow-replacement
install: Add --apply-live
Move some small daemon layering lookup into Rust
ci/prow: Install in target cosa, also install and run our tests
rust: Add and use fn-error-context
rust: Support context attribute on CxxResult, use it more
docs: Add apply-live
tests: Drain vmcheck/test-misc-1 into kola/misc.sh
live: Don't output "services restart" for pure package additions
ci: Add composepost-checks.sh, drop a compose test
daemon: Fix serialization of unlocked state
Oxidize postprocessing `altfiles` addition to `/etc/nsswitch.conf`
Move high level bwrap postprocess interface to C++
postprocess: Move script execution to Rust
postprocess: Move add-files handling to Rust
postprocess: Move treefile externals sanitycheck to Rust
Move units/machineid-compat checking to treefile in Rust
Move writing /usr/share/rpm-ostree/treefile.json to Rust
rust: Introduce systemd-run based isolation mod, use in live
composepost: Clean up imports
rust: Rename progress.rs to console_progress.rs
Add Rust progress task wrapper
postprocess: Use a single entrypoint to Rust
postprocess: Move rpmdb symlink to Rust
postprocess: Remove redundant renames of etc -> usr/etc
rust/composepost: Cleanup Treefile import
Move `units` and `default-target` processing to Rust
2021.2
Release 2021.2
Client side changes
The client now supports a `--register-driver` command which will be used by Fedora CoreOS and `zincati.service` to tell rpm-ostree that another service is actively "driving" updates. In concert with this, `rpm-ostree upgrade` now emits an error message if a driver is active.
PRs: #2459 and #2566
Compose
There is a new `rpm-ostree compose extensions` command which will be used by RHEL CoreOS, but is intended to be generally usable by rpm-ostree users that want to more cleanly split their builds into "base OS image" + "optional extensions (RPMs)", while reusing the same declarative manifest format.
PR: #2439
Core changes
rpm-ostree now better supports a newer libsolv that uses `%{_dbpath}` to find the rpm database.
(This fix was already backported into Fedora)
Issue: #2548
Internals
"Change main entrypoint to be Rust" is a huge milestone: rpm-ostree is now a Rust application with an internal C++ library. We now do bidirectional calls. The transition to Rust is accelerating!
Other oxidation progress:
- Much of the code around handling `/etc/{passwd,group}` is now in Rust; PR: #2580
A lot of CI fixes and cleanups; most notably we now test some with AddressSanitizer which caught one bug.
Colin Walters (81):
Make `make check` work again
rust: Port history to cxx-rs
rust/fedora_integration: Support export RPMOSTREE_KOJI_JSON_API_HOST=...
Remove some uses of `goto out`
rust: Add a bit more info on cxx, move up StringMapping
ci: Make msrv test do full build + unit tests
cxxrs: Work around failure with -Werror=missing-declarations
rust: Link to our C/C++ dependencies and internal library
Move nevra parsing to Rust, first use of `extern "C++"`
libmain: Avoid use of goto out
rust: Add some allow(dead_code)
compose: Remove unused treefile_rs parameter
tests/layering-fedorainfra: Update rpm-ostree build
tests: Fix compliation
ci: Re-enable `make check`
Makefile.bindings: Also generate pure rust/cxx.h
lockfile: Note that comment is JSON
lib: Don't link to libdnf
vagrant: Remove this
scripts: Remove, not used
cliwrap: Fix indentation
Bridge "next version" API to Rust, use it for unit tests
build: Use -std=c++17
tree-wide: Convert g_return.*if_fail to g_assert
ci: Drop testuser creation
ci: Split clang into separate script, run it in CoreOS CI
ci: Drop custom msrv checking
Change main entrypoint to be Rust
build-sys: Move some linkage purely to Rust
build-sys: Rebuild on C++ changes
ci/build-check: Don't make install
ci: Skip installing deps if non-root
scripts: Fix a stack use-after-free
ci: Add a commit validation entrypoint
Also export PATH here
ci: Ensure HOME is set
ci: Also test for HOME being writable
ci: Don't assume HEAD exists
ci: Consistently source libbuild
ci: Propagate make jobs to clang build too
build-sys: Explicit workspace, move libdnf deps to crate
Move libdnf build over to Cargo
build-sys: Drop Fedora 25+ rpm version check
build-sys: Delete duplicate Rust pkg-config dependencies
build-sys: Cleanly split up deps of public shlib vs internals
ci: Drop clang and unit tests from here
libdnf: Various buildsys fixes
ci: Add clang-analyzer.sh
tree-wide: Fix some spurious "Dead assignment" from clang-analyzer
tree-wide: Fix some "Dead assignment" from clang-analyzer
util: Annotate our "throw" wrappers as `[[ noreturn ]]`
libmain: Refactor to fix analyzer warning
tree-wide: Pacify some clang-analyzer "Dead nested assignment"
tree-wide: Squash some clang-analyzer found unused variables
Make failure to find packages fatal, add more error prefixing
ci/clang-analyzer: Install deps
tree-wide: Fix clang -Wgnu-designator/-Wunused-variable
transaction: Fix missing return in error case
build-sys: Add --enable-werror, rework compiler flags
build-sys: Statically link binary against shlib code
Rename internal Rust progress to console_
Bind output core into Rust, use in apply-live
scripts: Bind /usr/share/empty over /usr/share/rpm
build: Drop introspection+clang hack
Add --enable-sanitizers (not on by default yet)
tree-wide: Include GLib headers before libdnf
rust: Add module doc headers
Switch to using cxx-rs for treefile
tree-wide: Fix C++ range iteration to use references
build-sys: Always run `make` → `cargo build`
Misc doc tweaks/cleanups
tests/layering-non-root-caps: Adapt to new libcap output
ci: Drop: distro-sync, continuous repo
ci: Add `time` prefixing before most commands
build-sys: Ignore .cosa
ci: Rework build/test dependency install
tests: Fix bodhi link
Add an rpmostree-client sub-crate
compose: Add missing #include <optional>
libdnf-sys: Include gio.h before libdnf.h
Release 2021.2
Jonathan Lebon (31):
spec: Add BuildRequires: make
ci: Set RPM_BUILD_NCPUS when building RPMs
docs/HACKING: drop reference to `make vmcheck HOSTS=...`
.editorconfig: Adjust for CXX files
Revert "core: Allow overriding downloaded RPMs target dir"
app: Add `rpm-ostree compose extensions`
rust: Fix clippy warnings
core: Set _dbpath back to /usr/share/rpm after writing rpmdb
extensions: Write JSON to output dir
core: Factor out function to set repos on pkgs
core: Factor out function to download pkgs
core: Fix handling of local packages when downloading
extensions: Support enabling additional repos
extensions: Fix missing CxxResult
app/compose: Add comment about pkgcache
rust/treefile: Drop unnecessary #[serde(rename)]
extensions: Add support for development extensions
tests/compose.sh: Always rebuild supermin appliance
Makefile-rpm-ostree: Drop hardcoded `release` path
Makefile-rpm-ostree: Fix setting of `cargo_target_dir`
Makefiles: Drop unnecessary `cd rust/` and `CARGO_TARGET_DIR`
core: Don't allow noent when resolving pkgcache rev
ci: Temporarily use libsolv-0.7.17
Add /usr/lib/rpm/macros.d/macros.rpm-ostree to set %_dbpath to /usr/share/rpm
lib/package: Fix comment about rpmdb checkout
libpriv/rpm-util: Add /usr/lib/sysimage/rpm symlink in rpmdb checkout
libpriv/rpm-util: Use /usr/share/rpm for base rpmdb query
ci: Re-add CARGO_BUILD_JOBS
extensions: Don't try to chown RPM packages
libdnf-sys: Drop C API, replace with cxx.rs bridge
lockfile: Move ror_lockfile_read to cxx.rs
Kelvin Fan (13):
daemon: Record agent's systemd service
vmcheck/test-misc-2: Fix $cursor variable
HACKING: Update vmcheck instructions
docs/HACKING: Update kola ext test instructions
Add `register-driver` option to UpdateDeployment D-Bus API
app/status: Display update driver info
deploy: Allow empty string argument if `--register-driver`
daemon/rpmostreed-daemon: Look up sd unit if caller not registered
app/status: Show update driver's state and status
app/status: Use `AutomaticUpdatesDriver` if updates driven by external driver
tests/common/libvm: Print error if bad tests/vmcheck/image.qcow2
app/status: factor out get_sd_unit_objpath() function
app/upgrade: Do not upgrade if updates driver registered
Luca BRUNO (11):
libpriv/passwd: move RPM layering logic to Rust
github: update dependabot config
ci: fix install-extra logic
testutils: port to new 'rand' library API
rust/passwd: finish moving group and passwd parsers
rust/passwd: minor cleanup, switch to copy_file_at
libpriv/passwd-util: move migration logic to Rust
rust/passwd: minor cleanup, use write_file_with_sync
libpriv/passwd: move entries deduplication logic to Rust
make/rust-test: fix linking and loading
libpriv/postprocess: get rid of goto statements
dependabot[bot] (20):
build(deps): bump libdnf from `45981d5` to `1ebad38`
build(deps): bump serde_json from 1.0.60 to 1.0.61
build(deps): bump serde from 1.0.118 to 1.0.120
build(deps): bump serde from 1.0.120 to 1.0.122
build(deps): bump anyhow from 1.0.35 to 1.0.38
build(deps): bump libc from 0.2.81 to 0.2.82
build(deps): bump serde_yaml from 0.8.14 to 0.8.15
build(deps): bump systemd from 0.8.1 to 0.8.2
build(deps): bump tempfile from 3.1.0 to 3.2.0
build(deps): bump rust-ini from 0.16.0 to 0.16.1
build(deps): bump cxx from 1.0.20 to 1.0.28
build(deps): bump rand from 0.7.3 to 0.8.2
build(deps): bump serde from 1.0.122 to 1.0.123
build(deps): bump rand from 0.8.2 to 0.8.3
build(deps): bump libdnf from `1ebad38` to `e92a15a`
build(deps): bump libc from 0.2.82 to 0.2.84
build(deps): bump cxx from 1.0.28 to 1.0.29
build(deps): bump cxx from 1.0.29 to 1.0.30
build(deps): bump serde_json from 1.0.61 to 1.0.62
build(deps): bump serde_yaml from 0.8.15 to 0.8.16
Git-EVTag-v0-SHA512: 098fda1600aeecee9d355bec6d30b6a32e6c346d2ff5e025eae7599430d784e5b4270d9bb4858c1034ff2776cc80e34722cd7c164fe199b0aacfef4b48a38587
2021.1
rpm-ostree ex apply-live
In this release, the functionality formerly known as `rpm-ostree ex livefs` is now known as `rpm-ostree ex apply-live`, and it's been placed on a much firmer technical foundation and is considered much safer to use. It's still under `ex` because we may make some interface changes, and we hope to gather feedback.
Concretely, `apply-live` now uses a "transient" `overlayfs` instead of mutating any persistent filesystem. This makes it robust against power loss while the running filesystem is being changed. We no longer push a rollback deployment, etc. Stated a different way: if something goes wrong, all you need to do is reboot.
Countme support
rpm-ostree now ships an `rpm-ostree-countme.timer` unit which fulfills the same purpose as the DNF countme feature. This will allow Fedora counting of installed systems to include rpm-ostree-based variants like Fedora CoreOS, Fedora Silverblue, and Fedora IoT, while still preserving user privacy.
Note the unit is currently not enabled by default. For more information, including how to disable it, see the docs.
override replace directly from Bodhi/Koji
Another notable feature in this release is support for directly pulling builds from current Fedora testing/build tools Bodhi and Koji.
Now with rpm-ostree v2021.1 you can run e.g.:
$ rpm-ostree override replace https://bodhi.fedoraproject.org/updates/FEDORA-2020-2908628031
to directly pull in a single Bodhi update applied relative to your booted system (presumably a `stable` stream) without changing anything else. You can also pull in Koji builds (that may or may not be in a Bodhi update):
$ rpm-ostree override replace https://koji.fedoraproject.org/koji/buildinfo?buildID=1625029
This allows you to more directly interact with Bodhi's current model of testing individual updates.
Note that like all usage of `override replace`, these versions are "pinned" until explicitly removed with a variant of `rpm-ostree override reset`.
(This does combine with `apply-live` so you can more easily test out changes)
Default to sqlite in F34+
Fedora 34 rpm-ostree based systems will switch to the sqlite backend by default, silencing a warning about use of the bdb backend.
Shared library "hollowed out"
Quite a while ago rpm-ostree started shipping a shared library `librpmostree-1.so.1.0.0`; mainly it's used by e.g. gnome-software to display package diffs between ostree commits. However this created a problem later because we duplicated a lot of code between our binary and the shared library, and that in turn caused unnecessary bloat. The build system and implementation of the shared library were reworked to fork off the binary and parse its output. This reduced the size (debug symbols stripped) from ~2.6MB to 320k (-~88%).
Internals: FFI and Rust
Large portions of rpm-ostree have already been ported to the Rust programming language, in order to improve the overall level of safety and resilience of the project.
To further accelerate this transition, since the last release we are using cxx.rs as a code generation helper, which has the compelling feature of supporting fully safe bidirectional calls between C++ and Rust.
This required switching the C code to "C that builds in C++ mode". For the sake of clarity though, the goal here is to accelerate our transition to Rust, not to rewrite rpm-ostree code in modern C++.
Colin Walters (123):
main: Convert to C++
Port rpmostree-sysroot-upgrader to C++
Port rpmostree-sysroot-core to C++
Port rpmostree-deployment-utils to C++
Port rpmostreed-os to C++
Port rpmostreed-transaction-types to C++
Rename `ex livefs` to `ex apply-live`
apply-live: Print a success message
service: Explicitly RequiresMountsFor=/boot
transaction: Also log to journal when processes connect to txn
msrv: Bump to Rust 1.48.0
daemon: Record the agent ID in the journal
spec: Propagate Fedora default rustflags
Port rpmostree-output to C++
Port rpmostree-composeutil to C++
Port rpmostree-passwd-util to C++
shlib: Make basearch APIs call `/usr/bin/rpm-ostree shlib-backend`
lib: Drop dependencies on internal librpmostree-priv
buildsys: Compile daemon code directly with binary
tests: Disable C unit tests
buildsys: Unify build of binary and internal shared library
lib: Make varsubst_basearch propagate errors
More C++ porting, round 6
Port rojig2commit to C++
Port compose-builtin-rojig to C++
Port rpmostree-util to C++
Port rpmostree-libbuiltin to C++
Port rpmostreed-transaction-livefs to C++
Port rpmostree-refts to C++
Port rpmostree-libarchive-input-stream to C++
Port rpmostree-scripts to C++
Port rpmostree-unpacker-core to C++
Port rpmostree-importer to C++
Port rpmostree-rojig-client to C++
Port rpmostree-origin to C++
Port rpmostree-rojig-assembler to C++
Run rustfmt, and fix CI check for it
Port rpmostree-json-parsing to C++
Port rpmostree-editor to C++
Port rpmostree-pkg-builtins to C++
Port rpmostree-builtin-reset to C++
Port rpmostree-builtin-override to C++
Port rpmostree-builtin-usroverlay to C++
Port rpmostree-builtin-refresh-md to C++
Port rpmostree-builtin-livefs to C++
Port rpmostree-builtin-upgrade to C++
Port rpmostree-builtin-rollback to C++
Port rpmostree-builtin-deploy to C++
Port rpmostree-builtin-reload to C++
Port rpmostree-builtin-rebase to C++
Port rpmostree-builtin-cancel to C++
Port rpmostree-builtin-cliwrap to C++
Port rpmostree-builtin-cleanup to C++
Port rpmostree-builtin-initramfs to C++
Port rpmostree-builtin-initramfs-etc to C++
Port rpmostree-builtin-status to C++
Port rpmostree-builtin-ex to C++
Port rpmostree-builtin-testutils to C++
Port rpmostree-builtin-shlib-backend to C++
Port rpmostree-builtin-db to C++
Port rpmostree-builtin-start-daemon to C++
Finish removing `ex container` code
Port rpmostree-builtin-finalize-deployment to C++
Port rpmostree-db-builtin-dif to C++
Port rpmostree-db-builtin-list to C++
Port rpmostree-db-builtin-version to C++
Port rpmostree-override-builtins to C++
Port rpmostree-polkit-agent to C++
Port rpmostree-builtin-kargs to C++
Port rpmostree-builtin-compose to C++
Port rpmostreed-daemon to C++
Port rpmostreed-utils to C++
Port rpmostreed-sysroot to C++
Port rpmostreed-errors to C++
Port rpmostree-package-variants to C++
Port rpmostreed-os-experimental to C++
build-sys: Remove --enable-installed-tests
build-sys: Remove --with-bubblewrap
build-sys: Remove RHEL7 autotools backport
build-sys: Drop autoconf bits to find dbus service directory
apply-live: Print a package diff
buildsys: Make one big rpmostreeinternals.la, enable unit tests again
ci: Introduce install-extra-builddeps.sh
Use cxx-rs for core.rs
Use cxx-rs for utils.rs download_to_fd
Use cxx-rs instead of gresources
Move "ignored script list" to Rust, drop gperf
Rework bindgen/cxx.rs usage and CI build
Makefile.bindings: Use content-based change detection
Add a partial reimplementation of origin parsing in Rust
ci: Don't run autotools twice
Add support for some GObject bridging to cxx-rs
Bump to cxx-rs 1.0.20
Use cxx-rs for live-apply
lib: Cleanup `#include <>`s
Port initramfs Rust code to cxx-rs
util: Remove `#ifdef __cplusplus`
Move some client argument handling to Rust
Complete move to cxx-rs for utils
Port cliwrap FFI to cxx-rs
Port composepost to cxx-rs
tests: Fix rsync of base rpmdb with sqlite
Port Rust journal bits to cxx-rs
Add fedora-integration: Support `override replace https://bodhi/...`
Also print Rust-side features/cfg in `rpm-ostree --version`
With vendored source, use cargo build --offline
configure: Update contact email
Rename livefs → apply-live in more places
journal: Add filters for _UID=0
testutils: Port to cxx-rs
Add a Rust helper to create a sealed memfd, use in shlib backend
scripts: Pass script as a memfd
testutils: Add script-shell, remove shell wrapper
apply-live: Avoid clobbering changes in /etc
rust: Add CxxResult
rust: Update to openat-ext 0.1.10
rust: Fix a pub(crate) warning, add a few doc comments
apply-live: Extend /etc test case
rust: Port progress.rs to cxx-rs
scripts: Use bwrap --ro-bind-data rather than mutating target
scripts: Rework /var/lib/rpm-state creation, port to new style
Release 2021.1
Update configure.ac
Jonathan Lebon (8):
Default to sqlite rpmdb backend on f34
Makefile-rpm-ostree: fix path to cbindgen.toml
spec: Minor tweaks
ci/install-extra-builddeps: Drop --root=/usr arg
ci: Add `~/.cargo/bin` to PATH in Prow path as well
Makefile-rpm-ostree: Link to librt
core: Allow overriding downloaded RPMs target dir
app/compose: Drop rojig-related prototypes
Luca BRUNO (1):
libpriv/passwd: move passwd database to Rust
Timothée Ravier (3):
countme: Add DNF Count Me support
Cargo.lock: Update for DNF Count Me support
Remove now unused mkdocs.yml
dependa...
2020.10
A quick fixup on top of https://github.com/coreos/rpm-ostree/releases/tag/v2020.9
Colin Walters (4):
rust: Add deny(unused_must_use)
Port rpmostree-kernel to C++
Fix and improve support for rpmostree-rust.h being pre-generated
Release 2020.10
2020.9
rpm-ostree v2020.9
Client
The ex livefs command was completely rewritten and moved to a much safer foundation.
Bugfixes:
- override replace with the kernel works again
- libdnf plugins are explicitly disabled
- Another 32-bit printf fix
Composing
No real changes.
Internals
- Our CI is now on Fedora (CoreOS) 33 and tests were fixed for that
- Investigating https://cxx.rs/ and moving some code to C++, but the end game is mostly Rust!
- Some further small parts were rewritten in Rust.
Colin Walters (20):
Rewrite livefs
service: Enable ProtectHome=true
livefs: Fix --target, add --reset and print diff
tree-wide: Add extern "C" wrapping to our headers
scripts: Neuter RHEL8 nvme-cli %post
Convert some code to compile in C++ mode
Remove ex-container
compose: Use static enablement for ostree systemd services
bindgen: Bump to 0.15
tests: Add case for running rpm -q in a %post
Add a helper move_nullify
app: Port dbus-helpers to C++
Port rpmostree-postprocess to C++
Port rpmostree-core to C++
Port rpmostreed-transaction to C++
Move bindgen into tooling/, add dependabot
Move the main Rust infra (i.e. Cargo.toml) to the toplevel
upgrader: Inject --no-hostonly again if no initramfs-args
livefs: Fix GVariant refcounting
Release 2020.9
Jonathan Lebon (6):
core: Disable libdnf plugin loading
rust: Move to new systemd journal API for opening
daemon: Drop CreateOSName
app/history: Limit entries to print to 3
history: Use shorthand struct initialization
libpriv/scripts: Fix uint64 printing
Luca BRUNO (4):
tests/jsonutil: update invalid specifier
Revert "ci: Freeze FCOS commit to f32"
tests/override-kernel: support f33
core: add a guard for temporary-etc context and move to Rust
Prajna Sariputra (1):
docs: Update links to the OSTree documentation
Timothée Ravier (1):
rust: Fix various clippy warnings
dependabot[bot] (16):
...omitted...
2020.8
Mainly two compose side fixes that will help coreos-assembler.
Besides that, some smaller code cleanups.
Colin Walters (7):
daemon: Rewrite some core initramfs-overlay logic in Rust
rust/lockfile: Use from_glib_full to avoid manual free
scripts: Link to lua issue on error
treefile: Fix hashing of externals
compose: Add --previous-commit
Remove coreos-rootfs command
Release 2020.8
Jonathan Lebon (2):
Drop use of `volatile`
ci: Freeze FCOS commit to f32
Luca BRUNO (1):
sh: fix bash shebang
dependabot[bot] (2):
build(deps): bump anyhow from 1.0.33 to 1.0.34 in /rust
build(deps): bump libglnx from `1dd01d5` to `493d399`
Git-EVTag-v0-SHA512: 6e4c1d1752195dfdef2c80f0c9d5d7091b6c5abfe0d96bf499a3a7fe717b5ae05ab560341a80e1391a579e36c204299abd8db88c59f847353874836e808c3d02