ostree
Operating system and container binary deployment and upgrades
OTHER License
Bot releases are visible (Hide)
Published by jlebon over 5 years ago
It's been some time since the last release, so this is a slightly larger
one! There's lots of new features, and a few bug fixes. Some highlights
below.
New features:
- A new
sysroot.bootloaderkey was added to be more explicit about
which bootloader OSTree should use. Notably anonevalue is
supported, in which OSTree is solely responsible for writing the BLS
entries. This can then be used by bootloaders like GRUB2, which now
supports BLS natively. (#1814) -
ostree confignow supports theunsetcommand to unset a key from
the OSTree repo config (#1743) -
ostree remote addnow supports the--forceflag to replace a
remote of the same name if it exists (#1166) -
ostree-prepare-rootnow logs a structured journal message after
finding the deployment to which to pivot. This can be used by
higher-level apps like RPM-OSTree to build a history of the
deployments the machine was booted into. (#1842) - The staging API now supports a lockfile which prevents finalization at
shutdown. This is intended to be used in systems like Fedora CoreOS,
which needs more fine-tuned control between staging a deployment,
and setting it as the default deployment on reboot. (#1841) -
ostree static-delta shownow prints theFromandTocommits for
which the delta was generated (#1823)
Bug fixes:
- Make looking up collection-refs similar to how regular refs are looked
up, i.e. first in the transaction, then in the current repo, and then
in the parent repo (#1821) - Don't include the OSTree commit version number twice in the boot menu
title. This affected at least Fedora-based systems composed with
RPM-OSTree'smutate-os-release. (#1829) - Activate
ostree-finalize-stagedearlier; this should hopefully make
deployment finalization more reliable by running it later in the
shutdown sequence, when less services are running (#1840) - Run
grub2-mkconfigon the filesystem tree of the pending deployment,
rather than the previously deployed tree. This was a corner case where
the deployment failed if a previous deployment did not exist, on
systems where grub.cfg is used. (#1831)
As always, thanks to all the contributors!
Colin Walters (5 PRs, 8 commits)
Post-release bump (#1800)
static-delta: Change `show` to display from/to commits (#1823)
prepare-root: Fix compilation with --with-static-compiler (#1846)
PR: #1803
lib/commit: Don't set user.ostreemeta for bare → bare-user-only imports
lib/commit: Set xattr on correct fd for bare-user → bare-user imports
lib/commit: Fix bare → bare imports
PR: #1806
ci/rpmostree: Bump to 2019.1
ci/rpmostree: Fix use of `fatal`
Dan Nicholson (1 PR, 3 commits)
PR: #1166
remote-add: Add --force option to add or replace remote
man: Document remote add --if-not-exists option
repo: Add OstreeRepoRemoteChange replace operation
Jeremy Bicha (1 PR, 1 commit)
tests: Update for glib 2.59.2 (#1818)
Jonathan Lebon (6 PRs, 9 commits)
lib/deploy: Don't include version twice in bootmenu title (#1829)
boot: Activate ostree-finalize-staged even earlier (#1840)
ostree-prepare-root: Log journal message after finding deployment (#1842)
Release 2019.2 (#1844)
PR: #1841
lib/deploy: Support locking deployment finalization
lib/deploy: Write to journal if nothing to finalize
lib: Add ot_journal_* helper macros
PR: #1843
lib/sysroot: Match deployment /usr mode for overlay
lib/sysroot: Call `chmod` on overlay dirs when unlocking
Laurent Bonnans (1 PR, 1 commit)
lib/repo: fix leak of `bootloader` field (#1837)
Matthew Leeds (11 PRs, 17 commits)
tests: Don't skip collection-based summary test (#1804)
lib/repo-pull: Allow the keyring remote to be overridden (#1810)
lib/repo-pull: Fix docs for n-network-retries option (#1812)
lib/repo: Fix Since: annotation for REMOTE_CHANGE_REPLACE (#1813)
tests: Remove unused includes in libostreetest.c (#1815)
man: Document ostree --version (#1820)
lib/repo-refs: Resolve collection-refs in-memory and in parent repos (#1821)
lib: Check for http_proxy being the empty string (#1835)
PR: #1743
ostree/config: Check for too many args
man/ostree-config: Consistently use GROUPNAME placeholder
ostree/config: Use g_autoptr instead of goto
ostree/config: Add an "unset" operation
PR: #1825
lib/repo-refs: Allow resolving local collection-refs
lib/repo-refs: Add a flag to exclude listing from refs/mirrors
lib/repo-refs: Fix resolving collection-refs
PR: #1834
tests: Put a regex in quotes
tests: Escape periods when appropriate
Micah Abbott (1 PR, 1 commit)
README: add note about Liri OS (#1802)
Robert Fairley (3 PRs, 9 commits)
PR: #1814
Add sysroot.bootloader repo config key
libotutil: Rename to ot_keyfile_get_string_list_with_separator_choice()
tests/test-config: Remove extra space
ostree-grub-generator: Comment wording fix
(and 1 commit from other author)
PR: #1831
grub2: Generate config from pending deployment
tests/test-admin-deploy-none: Split grub.cfg directory and file creation
tests/test-admin-deploy-none: Update comment for #1774 status
PR: #1839
tests/test-config: Fix regex causing Debian test failure
travis: Update to Debian Stretch
Robert Fairley (1 PR, 1 commit)
PR: #1814
libotutil: Add ot_keyfile_get_value_with_default_group_optional()
(and 4 commits from other authors)
Published by cgwalters almost 6 years ago
This is the first libostree release of 2019; no big changes, just a collection of smaller
features and bugfixes.
On the features side, a good example is:
lib/repo: Search a list of paths in gpgkeypath for gpg keys
from PR #1773 - this will be useful for Fedora which rotates GPG keys
across releases.
Another feature is grub2: add support for devicetree
from PR: #1790
lib/kargs: allow empty-list arguments i.e. PR #1785 is between a
bugfix and feature - it ensures libostree supports "empty list" kernel
arguments.
There's also some ongoing work to have libostree be a "backend"
for OCI/Docker container storage; checkout: honor opaque checkouts
in PR #1486 is part of that.
pull: If built with --disable-http2, allow enabling via http2=1 from
PR #1798 will allow people to more easily play with HTTP2 if
it's disabled by default.
Thank you to all contributors!
Alexander Larsson (1 PR, 1 commit)
Fix leak in ostree_content_stream_parse() (#1784)
Colin Walters (6 PRs, 8 commits)
lib/commit: Try checksum+hardlink for untrusted local same-uid repos (#1776)
Update libglnx (#1781)
ci/papr: Drop insttests (#1783)
pull: If built with --disable-http2, allow enabling via http2=1 (#1798)
PR: #1766
ci: Add `dist-then-build` target to catch missing `EXTRA_DIST`
build-sys: Dist ostree-finalize-staged.path
PR: #1800
Post-release bump
Release 2019.1
Giuseppe Scrivano (1 PR, 1 commit)
checkout: honor opaque checkouts (#1486)
Jonathan Lebon (7 PRs, 7 commits)
bin/refs: Disallow creating broken aliases (#1768)
bin/pull-local: Add --commit-metadata-only (#1769)
lib/commit: Copy user.ostreemeta only for bare-user (#1771)
lib/commit: Add devino_cache_hits to txn stats (#1772)
bin/pull: Add URL metavar for --url switch (#1782)
boot/grub2: Add some more explanation in ostree-grub-generator (#1791)
PR: #1761
ostree/main: Wrap `Version` in `--version` in quotes
(and 1 commit from other author)
Luca Bruno (1 PR, 1 commit)
lib/kargs: allow empty-list arguments (#1785)
Matthew Leeds (1 PR, 1 commit)
lib/repo: Clarify docs for importing w/ trust (#1777)
Matthias Clasen (1 PR, 2 commits)
PR: #1788
Fix a small leak in ostree_repo_remote_list_collection_refs
Fix a small leak in ostree_repo_pull_with_options
Rafael Fonseca (2 PRs, 2 commits)
admin/status: Correctly check GPG signature (#1787)
admin/status: test GPG signature check (#1797)
Ricardo Salveti (1 PR, 1 commit)
grub2: add support for devicetree (#1790)
Sinny Kumari (1 PR, 1 commit)
atomic-upgrades doc: fix example url to fetch a ref checksum (#1795)
Umang Jain (3 PRs, 3 commits)
lib/repo-commit: Relax min-free-space check in prepare_transaction() (#1779)
man/ostree.repo-config: Update min-free-space-* docs (#1786)
PR: #1761
Post-release version bump
(and 1 commit from other author)
rfairley (1 PR, 1 commit)
lib/repo: Search a list of paths in gpgkeypath for gpg keys (#1773)
Published by cgwalters almost 6 years ago
https://github.com/ostreedev/ostree/releases/tag/v2018.9
It's been two months since our last release, so this one is slightly
larger than usual (the ~monthly cadence). It's mostly bugfixes
again, although there were some API additions and new
configuration options.
These new features are things like:
- Allow disabling pulling from LAN/USB/Internet (#1758)
- lib/repo: Add an API to get min-free-space-* reserved bytes (#1715)
- OstreeMutableTree: add _remove method (#1724)
- repo: Add a checkout option to not hardlink zero-sized files (#1752)
On the bugfix side, nothing major; we have the usual small memory
leak fixes (yeah, we use GCC autocleanups, but still, this is C).
Beyond that, good examples of bugfixes are:
- finalize-staged: Bump timeout to 5 minutes (#1755)
- deploy: Fix removing /var/.updated with separate /var mount (#1730)
- src/ostree: Don't delete refs having aliases (#1749)
One notable change in this release is the initrd service
ostree-prepare-root.service now runs earlier in the boot process.
This shouldn't actually affect OSes, unless there's extended logic
in the initrd that integrates tightly with OSTree. The use case for this is
better integration with Ignition, which will be used in Fedora CoreOS.
PR: #1759
Another systemd related change is the introduction of a path unit:
ostree-finalize-staged.path. This allows the service of the same name
to be path activated instead of explicitly started at deployment staging time.
This release however does not yet rely on this mechanism to give time for
packagers and integrators to adapt to the new unit (e.g. by enabling it in
the systemd presets). A future release will require this.
Note that deployment staging is still not the default for libostree, although
at least rpm-ostree now unconditionally uses staging, and while it
generally worked well, we hit issues with people using slower hard drives,
hence the increase in timeout in PR #1755 .
PR: #1740
Another change to call out is:
lib/commit: Don't chown objects to repo target owner (#1754)
We previously had incomplete support for a process running as uid 0
writing to a repository owned by a non-zero uid, but it was never finished.
This will likely be revisited at a later time.
We also merged:
lib/grub2: Support Debian-style grub.cfg path (#1714)
from a new contibutor (thanks Felix!). Who incidentally also
posted recently about new Rust bindings:
https://mail.gnome.org/archives/ostree-list/2018-October/msg00000.html
https://crates.io/crates/libostree
Thanks a lot to all contributors!
Colin Walters (12 PRs, 13 commits)
Post-release version bump (#1705)
deploy: Fix removing /var/.updated with separate /var mount (#1730)
lib/commit: Don't copy xattrs for metadata objects (#1736)
lib/progress: Fix leak of GSource (#1741)
Only verify OSTREE_MAX_METADATA_SIZE for HTTP fetches (#1744)
rofiles-fuse: Improve error message for failure to open root (#1747)
repo: Add a checkout option to not hardlink zero-sized files (#1752)
checkout: Support --union-identical and --force-copy{,--zerosized} (#1753)
finalize-staged: Bump timeout to 5 minutes (#1755)
remount: Refactor to helper function instead of loop (#1760)
README: Add bindings section (#1762)
PR: #1757
sysroot: Add error prefixing to deployment parsing
sysroot: Update some code to use fstatat_allow_noent API
Dan Nicholson (1 PR, 1 commit)
lib/commit: Don't chown objects to repo target owner (#1754)
Felix Krull (1 PR, 1 commit)
lib/grub2: Support Debian-style grub.cfg path (#1714)
Jonathan Lebon (7 PRs, 12 commits)
ci: Disable f28-rpmostree for now (#1727)
ci: Bump rpm-ostree tag to 2018.8 (#1728)
boot: Add ostree-finalize-staged.path (#1740)
lib/mutable-tree: Port to new style (#1742)
PR: #1732
lib/fetcher-curl: Prefix fatal errors with full URL
lib/fetcher-curl: Drop unnecessary check
lib/fetcher-util: Mark journaled msgs as LOG_ERR
PR: #1750
lib/sysroot-deploy: Write to journal when finalizing
boot: Add Documentation= lines to services
boot: Remove [Install] from ostree-finalize-staged
PR: #1759
ostree-prepare-root.service: Run earlier in initrd
ostree-prepare-root.service: Use RemainAfterExit=yes
Laurent Bonnans (1 PR, 1 commit)
lib/fetcher: Fix some memory leaks in curl fetcher (#1716)
Matthew Leeds (10 PRs, 14 commits)
avahi: Be robust to missing refs in peer summaries (#1717)
lib/repo: Clean up OstreeRepo docs (#1725)
lib/repo: Define a metadata key, ostree.deploy-collection-id (#1726)
create-usb: Always use archive mode (#1733)
create-usb: Add a --commit option (#1735)
bash-completion: Fix --repo autocomplete (#1745)
man/create-usb: Don't recommend summary updates (#1746)
PR: #1737
man/ostree.repo-config: Document locking options
lib/repo: Fix minor mistake in locking docs
lib/repo: Allow disabling lock timeout
PR: #1758
lib/repo-pull: Disable LAN updates by default
Allow disabling pulling from LAN/USB/Internet
PR: #1763
Rename core.repo-finders to core.default-repo-finders
lib/repo-pull: Add an explanatory comment
Robert McQueen (1 PR, 1 commit)
OstreeMutableTree: add _remove method (#1724)
Sinny Kumari (1 PR, 1 commit)
src/ostree: Don't delete refs having aliases (#1749)
Umang Jain (3 PRs, 6 commits)
Release 2018.9 (#1761)
PR: #1715
lib/repo: Ensure min-free-space* config value doesn't overflow
Add tests for ostree_repo_get_min_free_space_bytes
lib/repo: Add an API to get min-free-space-* reserved bytes
PR: #1722
tests: Update tests for ostree_repo_get_min_free_space_bytes()
lib/repo: Separate min-free-space-* calculation from transaction codepath
Git-EVTag-v0-SHA512: 7d4337f3b58ddd13c825eb80c0e39ebd5f4db1368a34ba6a037264c9941b373ba594a7b9f3ac63cb85e64f475bf5589001032a7ba6da371a2c76a336b4c89c85
Published by cgwalters about 6 years ago
This release is pretty much all minor bugfixes: memory leaks,
fixing error messages and docs, handling a race condition
on pull with summary updates. There's one new feature (noted below),
and we also gained a new contributing tutorial:
https://mail.gnome.org/archives/ostree-list/2018-August/msg00005.html
Thanks to Robert Fairley and Cheryl Fong!
The one bugfix I want to call out explicitly is:
ostree-remount.service: RemainAfterExit=yes
PR: #1697
It's surprising it took us so long to find and fix this; I've seen
occasional boot failures that I believe trace down to this problem.
The behavior of systemd units of Type=simple without RemainAfterExit=yes set
is rather nonsensical; I may try to push to have a warning emitted
upstream if such a unit is a dependency of another.
And the one new feature is the auto-update-summary config option
for repositories. For more information, see the docs and
PR: #1681
Thanks to all contributors!
Alexander Larsson (3 PRs, 3 commits)
Fix leak in ostree_repo_list_collection_refs (#1700)
ostree_repo_static_delta_generate: Fix leak (#1701)
ostree_repo_pull_from_remotes_async: Fix leak of options (#1702)
Colin Walters (3 PRs, 3 commits)
lib/pull: Fix minor memleak in error path (#1684)
ostree-remount.service: RemainAfterExit=yes (#1697)
Release 2018.8 (#1705)
Dan Nicholson (1 PR, 5 commits)
PR: #1698
repo: Add OSTREE_REPO_TEST_ERROR=invalid-cache env var
tests: Test for recovery from corrupted summary cache
lib/pull: Fetch summary if cached version doesn't match signature
lib/pull: Add debug message when loading summary from cache
tests: Add tests for remote summary update races
Jonathan Lebon (4 PRs, 10 commits)
ci: Bump rpm-ostree tag we build for tests (#1708)
PR: #1692
lib: Fix some logic/error-checking code
lib: Fix some minor memory leaks
lib: Check for NULL pointers in some more places
PR: #1693
lib/commit: Only auto-update summary if refs were written
lib/config: Deprecate commit-update-summary option
lib/config: Rename change-update-summary to auto-...
lib/refs: Use GLNX_HASH_TABLE_FOREACH_KV helper
PR: #1710
ostree/config: Delete rogue printf and tweak help
man/config: Keep cmdsynopsis for GROUP.KEY version
Matthew Leeds (4 PRs, 5 commits)
man/ostree.repo-config: Update min-free-space-* docs (#1687)
lib/repo-commit: Fix min-free-space error message (#1691)
lib/repo-pull: Use correct keyring for dynamic remotes (#1695)
PR: #1681
config: Add a core/change-update-summary option
lib/repo: Take exclusive lock while generating summary
Philip Withnall (1 PR, 1 commit)
lib/repo-pull: Prefer object pull over from-scratch delta if ref exists (#1709)
Robert Fairley (2 PRs, 2 commits)
docs: Add Contributing Tutorial to Mkdocs pages (#1711)
PR: #1694
docs: Add contributing tutorial
(and 1 commit from other author)
Sinny Kumari (1 PR, 1 commit)
src/ostree: Add --group option to ostree config (#1696)
Stefan Agner (1 PR, 1 commit)
Avoid race condition in case tests directory does not exist (#1704)
Umang Jain (1 PR, 1 commit)
Post-release version bump (#1683)
Will Thompson (1 PR, 1 commit)
repo: remove outdated note from write_config() docs (#1707)
Will Thompson (1 PR, 1 commit)
man/ostree.repo-config: improve min-free-space-* docs (#1706)
bubblemelon (2 PRs, 2 commits)
bin/refs: Clarify --create error message (#1690)
PR: #1694
docs: Add detail to CONTRIBUTING.md and link to tutorial
(and 1 commit from other author)
Git-EVTag-v0-SHA512: cb84a0dc71f917fc9fa715531e3154a23e861bf1e4223caf6c34e16461c7830a383bb9f090963eaaeaeb3c449434be7cf4246e63c15d5a2d5c7da101568f52e3
Published by cgwalters about 6 years ago
I've said this before but the regular variety of contributors to libostree
makes me very happy - part of the reason I like working on Free Software
is collaborating with smart people around the world! Thanks to all of you!
There's no one major feature in this release, but we have a variety
of improvements and bugfixes.
The addition of min-free-space-size in the previous release caused
issues with older libostree/flatpak interacting with it. We now tolerate
both min-free-space-size and min-free-space-percent being set for
compatibility.
PR: #1685
The way libostree writes bootloader spec snippets has changed to
have the version number first, aiding sorting. It turns out some BLS
implementations order via filename. This is preparatory work for more
directly adopting the BLS in Fedora (and I for one will not miss grub2-mkconfig
and particularly os-prober)!
libostree became significantly smarter about handling "recommitting" content,
such as ostree commit --tree=ref=foo -b bar; it's now nearly free, and this
can be extended to very quickly "union" or merge different refs into a unified
whole. See the discussion in:
PR: #1643
There are two fixes for staged deployments (still not the default), but
we're aiming to do that by default in rpm-ostree soon, and that's shaking
out some remaining issues (for example, the API didn't support overriding
kernel arguments correctly).
Another notable bugfix is for separate /var partition, which we regressed
in 2018.6 as part of working on Ignition integration.
PR: #1668
Thanks again to all contributors!
Alex Kiernan (2 PRs, 2 commits)
boot: Use emergency.target, not emergency.service (#1665)
switchroot: Move late /run/ostree-booted creation to ostree-system-generator (#1675)
Alex Kiernan (2 PRs, 2 commits)
build: Use ostree_prepare_root_CPPFLAGS for ostree-prepare-root (#1670)
switchroot: Fix typo in comment ENINVAL => EINVAL (#1676)
Colin Walters (9 PRs, 9 commits)
sysroot: Reject attempts to pin the staged deployment (#1660)
ci/flatpak: Fix to use built ostree version (#1662)
deploy: Retain staged by default (#1672)
deploy: Fix overriding kernel args for staged deployments (#1677)
build-sys: Link with gpg-error directly (#1679)
Update libglnx (#1680)
ci: Mark insttests as not required (#1686)
PR: #1652
ci: Workaround getfedora.org/atomic_qcow2_latest being 404
(and 1 commit from other author)
PR: #1668
tests/installed: Add var-mount.yml destructive test
(and 2 commits from other authors)
Emmanuele Bassi (1 PR, 1 commit)
Add a check for gpg-error via pkg-config (#1682)
Javier Martinez Canillas (2 PRs, 2 commits)
ostree-grub-generator: sort BLS files by version instead of alphabetically (#1653)
deploy: Change BootLoaderSpec filenames so they can be used for sorting (#1654)
Jonathan Lebon (2 PRs, 3 commits)
PR: #1652
tests/installed: Wait a bit more for http.server
(and 1 commit from other author)
PR: #1668
tests/installed: Add NOTE when re-using RPMs
switchroot: Fix regression for separately mounted /var
(and 1 commit from other author)
Marcus Folkesson (2 PRs, 2 commits)
ci: exclude 'lib' from libsoup configure option (#1661)
build: add ostree-soup-* to build process when configured with avahi (#1666)
Matthew Leeds (2 PRs, 2 commits)
man/ostree.repo-config: Document collection-id (#1646)
create-usb: Tweak docs for --destination-repo (#1656)
Philip Withnall (1 PR, 1 commit)
lib/repo-commit: Abort a transaction if preparing it fails (#1647)
Robert Fairley (2 PRs, 3 commits)
tests: Run network retries test for many retries directly (#1673)
PR: #1669
ostree/pull: Add network-retries command line option
tests: Move assert_fail function to tests/libtest.sh
Simon McVittie (2 PRs, 2 commits)
avahi: Fail immediately if we can't talk to D-Bus or Avahi (#1639)
OstreeRepoFinderConfig: Fix guint/gsize confusion (#1641)
Umang Jain (6 PRs, 9 commits)
lib/repo: Minor fixes around min-free-space (#1663)
Release 2018.7 (#1683)
lib/repo: Allow min-free-space-size and -percent to co-exist (#1685)
PR: #1602
lib/repo: Cleanup current boot's staging dir min-free-space-* checks are hit
lib/repo: cleanup_tmpdir should be executed after releasing lock file
PR: #1614
tests: Add tests for space checks during deltas codepath
lib/repo: Enforce min-free-space-* size check for regfiles in deltas
PR: #1671
lib/repo-commit: Factor out min-free-space-size error reporting
repo: Reword min-free-space-size option's error strings
William Manley (4 PRs, 7 commits)
ostree repo commit: Speed up composing trees with `--tree=ref` (#1643)
tests: Save corefiles back to tests/ directory if one exists (#1657)
PR: #1645
OstreeMutableTree: Document ostree_mutable_tree_ensure_dir
OstreeMutableTree: Document each private member of `OstreeMutableTree`
Add test for composing trees in different ways
PR: #1655
OstreeMutableTree: Invalidate parent contents checksum when metadata changes
OstreeMutableTree: Refactor: Add `parent` pointer
Published by cgwalters over 6 years ago
This release includes the final merge of the previously "experimental" API
for peer-to-peer discovery/download. This is currently supported by Flatpak
and the EndlessOS updater. One use case for example that this improves
is the "update via USB stick" case; you'll need to set collection IDs, and
have your update system use the repo finder API. (Today ostree admin upgrade
doesn't). Thanks a lot to Endless for all of their work on this!
PR: #1596
libostree learned how to retry HTTP requests on transient network errors.
By default, requests on such errors are now retried 5 times.
PR: #1594
There is also now a new "min-free-space-size" config option. This is similar
to the "min-free-space-percent" option but instead takes absolute values, such
as "1GB" or "10MB".
PR: #1616
The original systemd design for ConditionNeedsUpdate= didn't quite work
with libostree, but Endless wrote a fix and had been shipping it for a while.
That's now been merged: deploy: Delete .updated file from /etc and /var on new deployments
Part of the reason this came up now is we're planning to change rpm-ostree
to switch to systemd-sysusers: https://github.com/projectatomic/rpm-ostree/issues/49
And today sysusers uses ConditionNeedsUpdate=. Once we make
the switch in rpm-ostree and test it out I'd recommend other operating
systems follow (and not use nss-altfiles). And if you've already made the switch,
let us know!
PR: #1631
We're working on using https://github.com/coreos/ignition for Fedora CoreOS,
which means integrating it with libostree. As both run in the initramfs,
we added a simple change to ensure /var is mounted. A future enhancement
here will likely involve handling custom /var mounts too.
PR: #1617
There are a variety of other changes, like fsck --all, having u-boot support devicetree,
etc.
Thanks to all contributors!
Alexander Larsson (2 PRs, 3 commits)
ostree_repo_resolve_rev: Resolve refs set in the transaction (#1624)
PR: #1591
fsck: Add --all to print all corrupted object
fsck: Include the commits that contain the corruption in errors
Andrea Galbusera (1 PR, 1 commit)
u-boot: add support for devicetree (#1590)
Arnaud Rebillout (1 PR, 1 commit)
docs: var/local -> var/usrlocal (#1588)
Colin Walters (4 PRs, 8 commits)
Post-release version bump (#1586)
lib/archive: Tell g-ir-scanner to ignore the private libarchive bits (#1629)
PR: #1566
lib/sysroot: Add wrapper API to prune system repository
lib: Add a public helper method for pruning to find all ref'd commits
PR: #1632
tests/installed: Add a free-space success path test
lib/repo: Do free space math under lock in error path
lib/repo: Rename free_space_size variable to free_space_mb
lib/repo: Fix double-set-error in min-free-space-size code
Dan Nicholson (1 PR, 1 commit)
deploy: Delete .updated file from /etc and /var on new deployments (#1631)
Jan Tojnar (1 PR, 1 commit)
tests: Fix locale detection (#1611)
Jonathan Lebon (4 PRs, 6 commits)
ci: Add .papr-ex.yaml (#1587)
.gitmodules: Update URL for libglnx (#1604)
switchroot: Allow letting ostree-prepare-root mount /var (#1617)
PR: #1601
ci: Drop gpgme and libgcrypt hacks
ci: Bump to f28, except flatpak
ci: Stop layering oci-kvm-hook
Matthew Leeds (8 PRs, 15 commits)
bash-completion: Don't add a space after files and directories (#1598)
Update libglnx to get g_autoptr backports (#1603)
admin: Fix list of subcommands in help and manpage (#1621)
lib/prune: Don't modify dirent->d_name in place (#1627)
PR: #1596
lib: Fix building against old glib versions
Make P2P API public (no longer experimental)
PR: #1605
Fix building P2P code against old glib versions
find-remotes: Fix unused variable warnings
Allow compiling OstreeRepoFinderAvahi without libsoup
Allow compiling with experimental API but without curl/soup
PR: #1607
ci: Use master branch as flatpak tag
ci: Bump flatpak build to F28
PR: #1615
tests: Add test for including ostree.h
Fix building against old glib versions
Revert "lib: Fix building against old glib versions"
Philip Withnall (4 PRs, 16 commits)
lib/repo-commit: Delay propagation of errors from abort_transaction() (#1626)
PR: #1594
lib/fetcher: Factor out HTTP status code handling from soup and curl
lib/repo-pull: Add some missing assertions for progress statistics
tests: Test pull behaviour when network timeouts occur
ostree/trivial-httpd: Add --random-408s command line option
lib/fetcher-soup: Map more SoupStatus codes to known GIOErrors
lib/repo-pull: Support retrying requests on transient network errors
PR: #1599
lib/repo-pull: Factor out enqueue function for FetchStaticDeltaData
lib/repo-pull: Factor out enqueue function for FetchObjectData
lib/repo-pull: Factor out enqueue function for ScanObjectQueueData
lib/repo-pull: Rename a variable
lib/repo-pull: Factor out free function for FetchDeltaSuperData
lib/repo-pull: Use GCC `?:` ternary shortcut where appropriate
lib/repo-pull: Use values from struct in enqueue_one_object_request()
PR: #1600
lib/repo-pull: Support retries for delta superblocks
lib/repo-pull: Support queuing delta superblock requests
Umang Jain (1 PR, 1 commit)
lib/repo: Add min-free-space-size option (#1616)
Published by cgwalters over 6 years ago
This release has a number of features, as well as the usual
collection of bugfixes (none critical). On the host management
side, we landed a design to do "staged" deployments. There's
some more information in the issue.
I've seen many, many people hit the "where did my changes in /etc go"
problem, and this will go a long way towards addressing that. We
believe the design is fairly good, and the new public API should
be considered stable. However, the ostree admin commandline only
uses it with an experimental OSTREE_EX_STAGE_DEPLOYMENTS=1. Please
try this out - the plan is to eventually make this the default.
Today rpm-ostree gained a config file option to enable it
persistently in this PR.
Another notable feature is that upon encountering an error, fsck
will now mark the commits which contain that object as "partial", which
in turn means that a future ostree pull will re-download the objects.
This makes recovering from corruption much easier. As part of this
work, an API was added which can traverse the tree and gather parent pointers.
More information in this PR.
Finally on the feature side, we have enabled repository locking by default.
This uses file locks and is hence for multiple process exclusion. For example,
EndlessOS today has both flatpak and their host updater writing to the system
repository. Currently, the locking only applies for commit and prune operations,
which are the most common sources of concurrency issues. This will
be extended over time. If you want to disable locking, set locking=false
in the repository configuration.
More information in this PR.
Bugfixes are mostly things like a fix for flatpak on filesystems which
implement reflinks, some memory leaks squashed in the commit path. And
the fix in PR 1537 is
fairly notable as it avoids ugly behavior incorrectly scanning all files
in newly-created repositories that didn't have the legacy uncompressed-objects-cache
directory.
Additionally there are test suite improvements, documentation patches.
The tests are all now fully Python 3 compatible.
Thanks to all contributors!
Alexander Larsson (3 PRs, 4 commits)
Don't write to parent repo (#1524)
pull: Don't save summary to cache before validating signatures (#1529)
PR: #1533
fsck: Mark commits with missing or deleted object partial
lib/repo: Add ostree_repo_traverse_commit_union_with_parents
Colin Walters (30 PRs, 44 commits)
Add concept of "staged" deployment (#1503)
lib/deltas: Some misc declare-and-initialize porting (#1511)
Post-release version bump (#1512)
tests: Merge installed/ and fedora-str/ directories (#1513)
lib/deploy: Port final bootconfig writing to new style (#1515)
tests/installed: Fix TESTS= being empty (#1516)
ci: Drop patches when building RPM (#1530)
switchroot: Don't log if running as pid1, minor code style cleanups (#1531)
lib/sysroot: Move staged into deployment list, rework handling (#1539)
README.md: Fix docs link to COPYING (#1554)
lib/repo: Enable locking by default, but drop external API (#1555)
deploy: Return staged deployment (#1559)
repo: Add checksum to error message opening unreadable object (#1564)
lib/deploy: Do post-ops when removing staged commit (#1570)
deploy: Use fdatasync() for new kernel/initramfs by default (#1571)
lib: Use `Locking:` term in docs (#1572)
tests: Tweak staged-deploy test to be faster (#1573)
README: Tweak licensing description (#1574)
tests: Fix installed tests more (#1577)
ci: Drop str hotpatch (#1582)
ci: Switch libgcrypt URL (#1584)
Release 2018.5 (#1585)
PR: #1514
lib/deploy: Split /etc merge into two stages
lib/deploy: Set kargs in one place
PR: #1535
tests/installed: Move tasks into tasks/ directory
tests: Better error message if target is not a symlink
sysroot: Split out a helper function to delete a deployment dir
tests/installed: Move auto-build logic to playbook-run.sh
bin: Hide `admin instutil` command
PR: #1538
deploy: Clean up bootserial assignment function
sysroot: Clean up origin loading function
deploy: Silently do nothing if passed same set of deployments
PR: #1548
tests: Disable itest-pull.sh since it is too slow
tests: Lower retry timeout to 5s
fsck: Only print "marking commit partial" once
tests/installed: Make reboot task less racy
(and 1 commits from other authors)
PR: #1558
bin/deploy: Avoid loading merge deployment kargs unless necessary
lib/deploy: Fix staged deployments with no kargs
PR: #1567
deploy: Don't prune repo at finalization time by default
bin/admin-cleanup: Port to decl-and-initialize style
PR: #1568
lib/deploy: Throw an error if trying to stage when not ostree-booted
lib/sysroot: Maintain one variable for "root is ostree booted"
PR: #1583
lib/sysroot: Add OSTREE_EX_STAGE_DEPLOYMENTS environment variable
tests/installed: Disable all rpmmd repos
Giuseppe Scrivano (1 PR, 1 commit)
commit, payload-reflink: do not write to the parent repo (#1525)
Jonathan Lebon (12 PRs, 16 commits)
ci: turn gating back on for most testsuites (#1536)
ci: use gpgme scratch build to workaround issues (#1540)
ci: Temporary libgcrypt workaround for older kernels (#1547)
ci: mark some ci testsuites as required again (#1552)
ci: drop BDB1539 workaround (#1553)
libglnx: Bump to fix F28 compilation (#1580)
docs: Add "Hello World" example (#1581)
PR: #1546
tests: Port the last python2 script to python3
tests/installed: Prefer python3 over python2
PR: #1548
tests/installed: increase async retries to 500
(and 4 commits from other authors)
PR: #1556
lib/deploy: Also compare deployment csum versions
lib/deploy: Factor out function to get deployment kargs
PR: #1560
man/ostree-init: Briefly describe various modes
man/ostree: Document --repo option a bit more
PR: #1575
lib/commit: Fix function name typo in docstring
lib/deploy: Add semi-colon in post-deployment msg
Matthew Leeds (8 PRs, 11 commits)
lib/repo: Add timestamps to OstreeRepoFinderResult (#1518)
lib/repo-pull: Document all options in pull_from_remotes_async (#1519)
tests: Fix unit test for ref-binding metadata (#1520)
lib/repo-pull: Improve error message when no summary is found (#1522)
lib: Fix a few comments (#1526)
lib/repo-pull: Rename a variable for clarity (#1528)
PR: #1521
libotutil/checksum-utils: Fix memory management
lib/commit: Fix a memory leak of OtChecksum
PR: #1543
man: Add man page for create-usb
create-usb: Update summary in destination repo
tests: Fix typo in unit test
Owen W. Taylor (1 PR, 1 commit)
Don't scan uncompressed_objects_dir if it doesn't exist (#1537)
Sam Spilsbury (1 PR, 1 commit)
avahi: Don't complain with g_warning if the daemon wasn't running (#1542)
Simon McVittie (1 PR, 1 commit)
build: Don't distribute Bison-generated parser in dist tarballs (#1563)
Tobias Mueller (1 PR, 1 commit)
repo: handle GPG_ERR_AMBIGUOUS_NAME in sign_data (#1579)
Git-EVTag-v0-SHA512: a36ec85eaed518e9808fd572e801156171c8b7c8f043b5d151492ff94544e6d2a1fd2104de848605a32630b778739452500127e90ead78e29c405b20e1b97cca
Published by cgwalters over 6 years ago
A quick turnaround after 2018.3 to include one main PR: https://github.com/ostreedev/ostree/pull/1508
"switchroot: Ensure /run/ostree-booted is created even without initramfs"
This fixes ostree when booting without an initramfs. Thanks to @akiernan for the
bug report and helping review the fix! I'm working on enhancing the test suite,
which will help in adding some coverage here.
Colin Walters (6 PRs, 10 commits)
Post-release version bump (#1506)
ci/papr: Fix artifacts (#1507)
switchroot: Ensure /run/ostree-booted is created even without initramfs (#1508)
lib/deltas: Squash some GCC maybe-uninitialized warnings (#1510)
Release 2018.4 (#1512)
PR: #1509
tests/payload-link: Just test a single duplicate object
tests: Small tweaks for local iteration
tests/installed: Use temporary directories more consistently
tests/str: Verify standard-test-roles is installed
tests/str: Rework sysinstall-tests to be an entrypoint
Git-EVTag-v0-SHA512: ad47f2566b56f852982235224bc5256f1ac682da78579998b6ebcef719691c9dc2d9987691ee98730c7776da48c7ff50b02f55cbf5e7355a12627cb2843dcf51
-----BEGIN PGP SIGNATURE-----
iQFHBAABCgAxFiEEq5KKnPjdBikJw3u93EX9WSHBPwsFAlq0IgQTHHdhbHRlcnNA
dmVyYnVtLm9yZwAKCRDcRf1ZIcE/C2tDB/9daUpx5+lMfTBnBZdvHopnkmd1XaKS
zCeg813L54BxrmReUeRAZWjTmizqd+yQJoxkA/ioTkERH3H1p3VI6EoaeerSfukc
tFytvX11KNTk9ereBC1zg8eC5jLePMO1XHyrNi2TZ7F4da8sWQ8SJ8JiJFnlkZ+d
PagsZxPFN/7l2P8IczB+9wsYY155xDFNW1lWHA3Gm9hcvsl0gehy+VOJcB79CyX+
9nEPhurN+L6AAU9l6ECVUiY1zCYxvsoXduHEj9KlieK+exkbNsc0Ho4EEk3xd+HB
iv3vexsSFUvtQZBuq16/G4+Dv8SHwTGGuc8cP6MLHXlPMrTXyECjOZOp
=zaOP
-----END PGP SIGNATURE-----
Published by cgwalters over 6 years ago
Keeping up with our ~monthly cadence. A variety of contributors here again, it's
great to see! There's two notable features, and a variety of non-critical bugfixes.
On the features side we have:
-
sysroot: Add concept of deployment "pinning" 📌(#1464) -
ostree: introduce PAYLOAD_LINK object type(#1443)
(EDIT: Also lib/fetcher: Allow clients to append to User-Agent (#1496))
By default libostree prunes older deployments; the pinning feature allows you to
explicitly retain them until unpinned. This is useful for major version updates.
The PAYLOAD_LINK functionality allows libostree to do content-based
deduplication. Previously, if e.g. a file changes in metadata (mode, owner,
xattrs such as SELinux labels), we can't make a plain Unix hardlink, and hence
by default end up with a new copy on disk. However, the Linux kernel has
standardized "reflinks" and some filesystems support them, including modern
versions of XFS. When reflinks are available, this functionality causes
libostree to compute a content-only payload, and when importing an object, if it
matches in content with an existing object, to use reflinks to deduplicate, while
using different inodes.
Finally, the HTTP User-Agent API is intended for higher level tools linking to libostree where one wants to expose the app version as well.
Beyond that, as mentioned above we have a variety of non-critical fixes such
as memory leaks, test suite improvements, correctly printing the "would be pruned"
size when using prune --no-prune, etc.
Thanks to all contributors!
Colin Walters (15 PRs, 20 commits)
build-sys: Post-release version bump (#1455)
ci: Rework installed tests to use Fedora Standard Test interface (#1462)
bash-completion: Remove `admin` completions (#1468)
prune: Error if --static-deltas-only without --delete-commit (#1482)
lib/repo: Do account for size with prune --no-prune (#1483)
docs/prune: Document that --static-deltas-only isn't that useful (#1484)
repo/refs: Clean up error prefixing (#1485)
tests/str: Rework invocation (#1493)
tests: Avoid generating lots of output in itest-payload-link (#1494)
lib/deploy: Port various functions to declare-and-initialize (#1499)
main, status: Factor out deployment printing into helper (#1504)
Release 2018.3 (#1506)
PR: #1464
sysroot: Add concept of deployment "pinning" 📌
sysroot: Add API to clean up transient keys in origin files
sysroot: Bump mtime when writing an origin file
PR: #1497
sysroot: Rework how we find booted deployment
sysroot: Track whether /run/ostree-booted exists
lib/deploy: Port deployment checkout func to new style
PR: #1505
lib/deploy: Have internal origin writing API take sepolicy
lib/deploy: Use in-function error prefixing more
Giuseppe Scrivano (1 PR, 3 commits)
PR: #1443
commit: add logic for .payload-link
ostree: introduce PAYLOAD_LINK object type
ostree-repo-private: remove declaration for _ostree_repo_find_object
Jeremy Hiatt (1 PR, 1 commit)
lib/repo: Fix multi-signature support when generating summary files (#1489)
Joaquim Rocha (1 PR, 1 commit)
pull: Ignore the cancellable when aborting a transaction (#1492)
Jonathan Lebon (2 PRs, 2 commits)
lib/fetcher: Allow clients to append to User-Agent (#1496)
lib/core: Support <remote>: syntax when listing refs (#1500)
Jonathan Lebon (1 PR, 1 commit)
lib/sysroot: Fix retrieving non-booted pending deployment (#1472)
Luca Bruno (1 PR, 1 commit)
rust/bupsplit: minor idiomatic fixes (#1502)
Matthew Leeds (6 PRs, 6 commits)
lib/repo-finder-mount: Fix path to flatpak repo (#1471)
lib/repo-finder-mount: Update comment about paths (#1473)
lib/repo-pull: Fix free function for hash table (#1474)
lib/remote: Fix memory leak (#1476)
lib/repo-finder-mount: Improve debug message (#1477)
lib: Fix memory leaks of OstreeRemote (#1478)
Rasmus Thomsen (1 PR, 1 commit)
configure: add option for libsystemd (#1490)
Simon McVittie (2 PRs, 5 commits)
Use Python 3 for tests (#1463)
PR: #1457
tests/bootloader-entries-crosscheck: Use Python 3-friendly sorting
test-concurrency: Explicitly use floor division
test-concurrency: Replace range with xrange
test-concurrency: Use Python 3 syntax for octal
Git-EVTag-v0-SHA512: 00afcacb0ad3b8c2c42c2d3e44e1c807a0dbb65beb2ba888ceab459c603d8c1e5ef380abb0a77c02eacba839b0a3b6138a92a0f05e4c2bfe04eeefe41081e6bf
-----BEGIN PGP SIGNATURE-----
iQFHBAABCgAxFiEEq5KKnPjdBikJw3u93EX9WSHBPwsFAlqyj8ITHHdhbHRlcnNA
dmVyYnVtLm9yZwAKCRDcRf1ZIcE/C3p2CACNSfFslraxxBLtJxR6hWnz1r7g1m+N
7v6UdXPLHNOZ85EPV6x9M35on1rVgFCPofwU/nX6yn+QDJV0IyRfKOonqfb7gIDv
jB7r0+bpxHDJXPfCdkTGeZIo7gsnuaerqIlNGSAjinLem0p+w569PD2a5rzQEkym
yLg4cD9ib0MlNINNrH+/jyVJ6da4+yLF2jQ91NNnu1v2HzBzfuyGPVI6T7+1Nx9I
GRzqe2vcZsWLQwnaBHJ5GVXZQSlgzPDqdI3Q/uTW7kG4OD2Qw4TYKw9PsfXzBHLg
GWsWrxoR0A4gFsSQe0xYhTi88Sq5zZNehLEN/5gEwZMqB6yvkl6J3Nie
=K4BR
-----END PGP SIGNATURE-----
Published by cgwalters over 6 years ago
We're keeping up with the approximately-monthly release cycle. There's
mostly a collection of smaller fixes here, with some enhancements.
I'm biased but my personal favorite is #1438 since it makes
the output of findmnt rather significantly nicer on this workstation
where I have container tooling creating sub-mounts in /var that are
no longer replicated in /sysroot.
For the embedded space, #1411 for devicetree support is likely interesting,
and is related to a discussion on the mailing list:
https://mail.gnome.org/archives/ostree-list/2018-February/msg00001.html
Jonathan's PR #1441 to add callback filtering to checkout
was necessary for us to re-implement some hairy logic from librpm
around "file coloring"; see https://github.com/projectatomic/rpm-ostree/pull/1227
We're getting quite far along now in having rpm-ostree be a truly
hybrid system, supporting the existing RPM ecosystem.
Marcus definitely wins the "lines changed" count this cycle by adding
SPDX-License-Identifier to all of the C source files (#1439). This happened
because we relicensed the documentation to dual CC BY-SA and GFDL in #1432
to enable a Wikipedia page which I just
noticed exists now!
It's great to see all of the interest in and use of libostree across
the board, and thanks to all contributors!
Alex Kiernan (2 PRs, 2 commits)
switchroot: Fix split source/build directory (#1445)
Fix static-compiler when CC includes args (#1454)
Colin Walters (13 PRs, 13 commits)
ci: Run a subset ⊂ of rpm-ostree's tests (#771)
ci: Bump flatpak version (and build to f27) (#1400)
build-sys: Post-release version bump (#1417)
lib/pull: Port a few functions to new style (#1424)
ci/papr: Update most contexts to f27 (#1426)
bin/delta: Fix compilation with relative subdirs --filename (#1427)
docs: Dual license under CC BY-SA and the GFDL (#1432)
switchroot: Ensure /sysroot is set to "private" propagation (#1438)
deploy: SELinux-relabel installed kernel/initramfs data (#1444)
repo: Create uncompressed-object-cache dir dynamically (#1446)
core: Add API (and standard concept for) content checksum (#1449)
fetcher: Drop max queue size assertion in libsoup/libcurl backends (#1453)
Release 2018.2 (#1455)
Jonathan Lebon (2 PRs, 4 commits)
lib/checkout: add filter API to skip over files (#1441)
PR: #1442
bin/checkout: add --selinux-policy switch
tests/installed: support TESTS filter
libotutil: factor out utility to parse file by line
Marcus Folkesson (1 PR, 1 commit)
Add SPDX-License-Identifier to source files (#1439)
Matthew Leeds (5 PRs, 5 commits)
man: Add man page for find-remotes (#1410)
find-remotes: Minor fixes to --finders code (#1414)
man: Update ostree-summary.xml (#1416)
lib/pull: Allow specific commits in P2P updates (#1425)
lib/pull: Properly remove temporary remotes (#1450)
Philip Withnall (1 PR, 1 commit)
lib/core: Expand documentation for ostree_parse_refspec() (#1437)
William Manley (2 PRs, 4 commits)
PR: #1411
Add support for devicetree files alongside the kernel and initramfs
syslinux: Add support for DEVICETREE from bootloader spec
PR: #1418
ostree admin deploy: Add --no-prune option
ostree admin deploy: Refactor bringing cleaning into `main`
Git-EVTag-v0-SHA512: cbb96ab975e3430d3dcb0552b8b9fec4c32c3d289343a66b304f3d937d56d60f635791b7c31da4118545ecbaec18130cef5d077429b0e0c39fbb235dc7f960b6
Published by cgwalters almost 7 years ago
One of the most notable things in this release is patches
from Gatis Paeglis and William Manley to fix up libostree's
support for systems without an initramfs (prominent in the
embedded/appliance case).
Just as a side note: On the flip side some initial testing of a Fedora Atomic
Host (which uses libostree) was done on an IBM S390x system - real mainframe
hardware. Just like the Linux kernel and systemd, the vision for libostree is to
span a wide range of use cases like this.
Related to this, build patches were contributed by Anton Gerasimov and Marcus
Folkesson - per the above we try to keep our feature set
configurable.
Next I want to note a major new feature landed in this
release that we will be using in rpm-ostree; --copyup support
for rofiles-fuse: https://github.com/ostreedev/ostree/pull/1382
For a long time we were trying to change the Fedora RPM package
scripts to be "pure rofiles" compatible, but I finally decided
to punt on that due to glibc. I suspect other people maintaining
build systems may be in a similar situation.
Also, I landed a series of hardening patches against path
traversal; as I say in the PR set, since we've checked this
in the HTTP code since the start I think we're generally safe:
https://github.com/ostreedev/ostree/pull/1412
There are a variety of other changes here; see
the linked PRs below for more information.
Thanks a lot to all contributors!
Anton Gerasimov (1 PR, 1 commit)
PR: #1397
build-sys: Allow building with curl, but without libsoup
(and 1 commits from other authors)
Colin Walters (9 PRs, 13 commits)
rofiles: Add --copyup option (#1382)
rofiles: Fix --copyup when creating a new file (#1396)
grub2: Exit gracefully if there's no system ostree repository (#1399)
lib/fetcher: Add version to USER_AGENT string (#1406)
Release 2018.1 (#1413)
PR: #1387
build-sys: Post-release version bump
ci: Make rust build nonblocking for now
PR: #1391
Revert "ci: Make rust build nonblocking for now"
build-sys: Link with -ldl for rust build
PR: #1397
bin: Fix cookie builtin build with curl but no soup
(and 1 commits from other authors)
PR: #1412
lib: Validate metadata structure more consistently during pull
lib/checkout: Validate pathnames during checkout
tests: Add a test case for path traversal in a dirtree
Gatis Paeglis (1 PR, 4 commits)
PR: #1401
ostree-grub-generator: update outdated comment
Support for booting without initramfs
deploy: add --karg-none argument
ostree-prepare-root: enabler for simpler kernel arg
(and 1 commits from other authors)
Jonathan Lebon (2 PRs, 4 commits)
tests/libtest-core: support multiple literal checks (#1409)
PR: #1402
bash/ostree: add missing --add-metadata option
bin/commit: add --keep-metadata option
bin/commit: move parent checking code higher up
Marcus Folkesson (1 PR, 1 commit)
lib/pull: allways include ostree-repo-pull-private.h (#1389)
Matthew Leeds (1 PR, 2 commits)
PR: #1407
tests: Use --finders option for find-remotes
find-remotes: Add --finders option
Philip Withnall (1 PR, 1 commit)
build: Fix typo in -Wparentheses warning (#1388)
Simon McVittie (2 PRs, 2 commits)
tests: Don't assume uid == primary gid (#1390)
tests: Assert that byte-order is swapped on LE but not BE CPUs (#1393)
Will Thompson (1 PR, 1 commit)
ostree-grub-generator: fix typo in comment (#1398)
William Manley (1 PR, 1 commit)
PR: #1401
Tests: test-no-initramfs: Test both legacy and new kernel locations
(and 4 commits from other authors)
Published by cgwalters almost 7 years ago
The headlining feature in this release is support for
repository locking, contributed by Dan Nicholson. Currently it is
disabled by default; add locking=true in a repository configuration
file to enable. This feature should be considered as "tech preview"; it's
highly likely we'll stabilize it in its current form, but it's possible something
will change. Currently the locking only protects commit + prune; there is
a large pending PR to extend locking to many more APIs and commands.
Several new APIs were added; for example libostree now has a convenient
API to break a hardlink, which happens in e.g. rpm-ostree in several places
such as handling the RPM database.
Also, multithreading support in the commit APIs was cleaned up and clarified.
It's now possible to call transaction_set_ref() from multiple threads, which
rpm-ostree uses now to import RPMs to OSTree in parallel.
We're tracking an issue with http2+libcurl (#1362) and while I've been too
cowardly to pull out wireshark and gdb to fully track this down, it looks like
there are a number of issues still floating around HTTP2+libcurl (some are
server bugs), that we added support at both build and runtime to disable http2.
The fsck command learned how to verify ref bindings, and relatedly,
the commit command gained a --unbound option to skip creating ref bindings.
Thanks to all contributors
Colin Walters (21 PRs, 26 commits)
lib/repo: Add MT support for transaction_set_ref(), clarify MT rules (#1358)
build-sys: Post-release version bump (#1361)
lib/repo-file: Add casts to appease GLib g_object_ref cast PR (#1363)
lib/commit: Refactor file commits to separate subdir from content (#1365)
pull: Add http2=false remote config option (#1368)
docs/related: Add Balena (#1369)
lib/commit: Fix memleak in bare-user devino hit path (#1370)
lib/commit: Use more direct path for regfile commits (#1371)
build-sys: Add --disable-http2 (#1373)
lib/repo: Add an API to mark a commit as partial (#1376)
bin/fsck: Make ref binding verification optional (#1379)
bin/commit: Support creating "unbound" commits (#1380)
bin/refs: Disallow aliases to remote refs (#1381)
Bump libglnx, use "n items" progress for fsck (#1383)
build-sys: Use -fno-strict-aliasing by default (#1384)
Release 2017.15 (#1386)
PR: #1343
tests: Test concurrent operations
lib/repo: Add some error prefixing in commit, repo create
(and 4 commits from other authors)
PR: #1364
tests: Change test-corruption to use fatal()
Add public API for fsck, use it before loading metadata
PR: #1372
bin/show: Add --no-byteswap
bin/commit: Add --add-metadata that accepts g_variant_print() format
PR: #1375
lib/repo: Disable locking by default, add locking=true boolean
lib/repo: Make locking timeout configurable
PR: #1378
lib/core: Optimize breaking hardlinks for regfiles
lib/core: Add a "break hardlink" API
Dan Nicholson (1 PR, 4 commits)
PR: #1343
lib/prune: Take exclusive repository lock
lib/commit: Add repository locking during transactions
lib/repo: Add locking auto cleanup handler
lib/repo: Add repo locking mechanism
(and 2 commits from other authors)
Matthew Leeds (1 PR, 1 commit)
lib/repo: Properly list remotes of parent repos (#1366)
Philip Withnall (1 PR, 11 commits)
PR: #1347
tests: Expand fsck unit tests to cover checks on bindings
tests: Fix LC_ALL for systems which use .utf8 suffixes
ostree/commit: Allow --orphan and --bind-ref to be specified together
ostree/fsck: Add --verify-back-refs option
lib/repo: Clarify documentation for ostree_repo_list_refs{,_ext}()
ostree/fsck: Handle refspecs from ostree_repo_list_refs()
ostree/fsck: Verify commit bindings for each ref
lib/static-delta: Drop duplicated declaration from private header
lib/pull: Fix capitalisation in binding verification error messages
lib/pull: Split verify_bindings() out into a cmdprivate method
ostree/fsck: Factor out common commit checking code
Sam Thursfield (1 PR, 1 commit)
README.md: Link to BuildStream (#1360)
Git-EVTag-v0-SHA512: 67edb397e64223ecd05c1285e9cf3da6087a8794d8ecdf1a7c66a56cb3afb042a43184224e61aa8631308bddd5bf5e45587c9b05268a36fe2c676869b522249a
Published by cgwalters almost 7 years ago
This release is almost entirely bugfixes. One notable
fix is a read-after-free when libcurl is finalizing that some
people have hit.
There are a number of improvements around the ${repo}/tmp directory and the
per-transaction staging directory in preparation for adding locking in a future
release. This release should already help avoid several failures when doing
concurrent commits; the aim of the locking work will support concurrent prunes
and commits.
I'm using a new script to generate the shortlog with PR numbers included below:
Thanks to all contributors!
Alexander Larsson (1 PR, 1 commit)
rofiles-fuse: Fix utime() support (#1351)
Carlos Alberto Lopez Perez (1 PR, 1 commit)
grub-generator: If OSTREE_BOOT_PARTITION is not set, default to /boot (#1326)
Colin Walters (15 PRs, 18 commits)
build: Add -Werror=undef by default, fix fallout (#1320)
lib/pull: Avoid error if current with --require-static-deltas (#1323)
build-sys: Post-release version bump (#1324)
build: Work around -Wundef with older GLib (#1327)
build: Also fix -Werror=undef for old libsoup (#1328)
deltas: Don't try to rollsum/bsdiff .xz files (#1333)
lib/traverse: Port to new style (#1338)
bin: Port a few commands (diff,remote,static-delta) to new style (#1344)
fetcher/curl: Stop using CURLOPT_LOW_SPEED_TIME/_LIMIT (#1349)
lib/commit: Use direct repo writes if fsync is disabled (#1354)
lib/repo: Add a new private API for bare content writes (#1355)
tests/delta-crosscheck: Disable fsync (#1356)
lib/repo: Add a DEVINO_CANONICAL commit modifier flag (#1357)
Release 2017.14 (#1359)
PR: #1352
lib/repo: Verify txn stagedir existence after locking
lib/commit: Move txn stagedir deletion/unlock into one place
ci: Really show test-suite.log on travis
tests: Run python tests with stdout unbuffered
lib/commit: Minor refactoring of tmpdir cleanup code
lib/commit: Reuse txn dir for tmpfiles
Dan Nicholson (6 PRs, 15 commits)
tests: Don't symlink rofiles-fuse if it's disabled (#1325)
bin/summary: Fix --raw option (#1336)
PR: #1322
lib/pull: Skip ostree_repo_resolve_keyring_for_collection for bindings
lib/core: Fix documentation comment in ostree_validate_collection_id
build: Define OSTREE_ENABLE_EXPERIMENTAL_API for g-ir-scanner
build: Ensure enumtypes.h is built before enumtypes.c
PR: #1337
Revert "lib/pull: Skip ostree_repo_resolve_keyring_for_collection for bindings"
lib: Include OstreeRemote and OstreeCollectionRef in GIR
lib/remote: Export ostree_remote_get_type symbol
PR: #1346
lib/repo: Don't delete new tmpdir if it can't be locked
lib/repo: Handle race with existing tmpdir being deleted
lib/repo: Restore tmpdir reusing out parameter
lib/repo: Add debug messages when allocating tmpdir
PR: #1352
lib/repo: Verify txn stagedir existence after locking
lib/commit: Move txn stagedir deletion/unlock into one place
ci: Really show test-suite.log on travis
tests: Run python tests with stdout unbuffered
lib/commit: Minor refactoring of tmpdir cleanup code
lib/commit: Reuse txn dir for tmpfiles
Dusty Mabe (1 PR, 1 commit)
add back helpful --allow-downgrade err message (#1348)
Joaquim Rocha (1 PR, 1 commit)
lib/remote: Add a method to return the URL (#1353)
Jonathan Lebon (1 PR, 2 commits)
PR: #1350
ci: Make sure we save gtdr test results on failures
papr: Bump primary to f27
Kalev Lember (1 PR, 1 commit)
fetcher/curl: Fix invalid memory access in finalize() (#1332)
Philip Withnall (3 PRs, 5 commits)
build: Add a TODO comment about improving glib-mkenums usage in future (#1330)
PR: #1335
lib/repo: Add gtk-doc comment to OstreeRepoCommitState
lib/repo: Add OSTREE_REPO_COMMIT_STATE_NORMAL to represent most commits
PR: #1341
lib/repo: Fix a memory leak of options in ostree_repo_create()
lib/repo: Add (transfer) annotations to various GHashTable arguments
Will Thompson (1 PR, 1 commit)
build: fix "executible" typo (#1345)
Git-EVTag-v0-SHA512: 006947e52f45c4a2f7bb11549b666f26727359ab9bb1ec9541ed516b74ec8430356586bfde1b618ac172901ea49227539ac3f80d1efa01ef927d5d89f0b48d85
Published by cgwalters almost 7 years ago
A lot of across-the-board improvements here; the pure bugfixes are mostly in the
experimental Avahi bits, hardening the FIFREEZE on /boot code, explicit
errors when trying to commit non-UTF8 filenames, and finally a number of fixes
around our use of mmap.
One slight backwards-incompatible change (but I doubt it'll break anyone):
Disallow refs starting with a non-letter or digit
If this does affect you, please let us know ASAP.
PR: https://github.com/ostreedev/ostree/pull/1286
For improvements, first up, Alex changed the static delta
code to avoid holding everything in memory; this is a substantial
improvement for large deltas, and also for flatpak which uses
deltas as a "bundle" format.
PR: https://github.com/ostreedev/ostree/pull/1309
A few notable changes:
commit: Add _CONSUME modifier flag
You probably want to use this by default for your build/package
systems.
PR: https://github.com/ostreedev/ostree/pull/1255
core: Add standard SOURCE_TITLE metadata key
This one I think is conceptually quite interesting; for many people, their
ostree commits are derived from something else that has its own versioning,
and it's useful to show that explicitly. I encourage ostree-based build systems
to consider rendering human-readable information about your builds into this
standardized metadata key.
PR: https://github.com/ostreedev/ostree/pull/1296
On the command line side, Ruixin Bao for cleaning
up the --help output significantly.
PR: https://github.com/ostreedev/ostree/pull/1267
And thanks to Simon McVittie for his regular fixups to the tests
to ensure they keep running in Debian!
Full shortlog below:
Alexander Larsson (4):
Add OtVariantBuilder
static deltas: Use OtVariantBuilder to create deltas
static-delta-compilation: Move some things around
static deltas: Process each part as soon as its done
Colin Walters (58):
lib/commit: Add some gtk-doc and internal doc comments
lib/sysroot: Add some more comments
lib/pull: Fix regression with pull-local for nonexistent refs
lib/syslinux: Port to fd-relative
lib/uboot: Port to fd-relative
lib/pull: Minor cleanup to metadata scanning function, add docs
lib/core: Init struct stat buffer
lib/sysroot: Fix pointer going out of scope in unlock code
Deduplicate and fix up our use of mmap()
lib/utils: Port a bit to decl-after-stmt style
lib/pull: Change fetcher to return O_TMPFILE
lib/util: Delete some unused functions
lib/deltas: Move variant read helper into the deltas code
commit: Add _CONSUME modifier flag
lib: Add a lighter weight internal checksum wrapper
lib/core: (refactor) Drop wrapper and unneeded args for variant writing
lib/core: Port a few functions to decl-after-stmt
lib/core: Use GBytes for file headers
lib/commit: Make -path commit helper API private
tree-wide: Update to new libglnx fd APIs
lib/deploy: Use _exit() for FIFREEZE watchdog
lib/deltas: Check cancellable during processing
lib/pull: Drop duplicate/different error for GPG but no detached meta
lib/pull: Also do commit GPG verification before writing
tests/basic: Add missing ${COMMIT_ARGS} for bare-user-only
lib/commit: Implement "adoption" with CONSUME flag
lib: Use a common helper function to compare checksums
lib/sysroot: Fix error handling when mounting overlayfs fails
tests: Add test-pull-bareuseronly
lib/deltas: Use fastpath for regfile writes for bare-user-only
lib/deltas: Use pread() instead of lseek()+read()
lib/commit: Avoid trying to delete `.` with _CONSUME flag
lib/commit: Fix indentation in file commit code
lib/commit: Use direct fd xattr operations again on regular files
syntax-check: Add a rule to enforce glnx_autofd over glnx_fd_close
lib/pull: Update summary checksum code to use new checksum API
lib/repo: Update summary code to use newer hashing API
lib/commit: (refactor) Clean up delta bare write API
Disallow refs starting with a non-letter or digit
lib/checkout: For "process whiteouts" mode, replace directories too
repo: Add wrapper function for setting devino cache on checkout opts
docs/related-projects: Add Google Usenix link
bin/status: Port to new style
bin/status: Inline metadata parsing for versions
core: Add standard SOURCE_TITLE metadata key
lib/commit: Fix hardlink checkout commit with bare-user + mod xattrs
ci: Update centos container to current again
tree-wide: Use autoptr for OstreeKernelArgs
lib/repo: Fix loading commitstate with parent repos
lib/deltas: Fix change to use pread() in write opcode
lib: Minor static delta fixes
lib/pull: When --require-static-deltas, use them even for file:/// repos
lib/pull: Delete unused "exampleos" code
bin/delta-compilation: Add a "progress bar" for bsdiff generation
deltas: Add an if0'd bit to print bsdiff objects
tests: Add a "pull-test2" that uses slightly more realistic content
Update libglnx
Release 2017.13
Dan Nicholson (4):
lib/deploy: Ignore FIFREEZE/FITHAW errors when already in state
build: Fix bsdiff Makefile circular dependency
build: Do *.am.inc substitutions from make correctly
lib/repo: Properly handle NULL homedir when signing commit
Jonathan Lebon (12):
build-sys: Post-release version bump
app/main: use HAVE_LIBCURL_OR_LIBSOUP for pull CLI
ci: really turn on warnings
tree: fix compiler warnings
lib/commit: minor coverity fix
libotutil/checksum-utils: fix openssl compilation
ci: compile f26/c7-primary with libcurl/openssl
tests: drop unused variable
ostree/checksum: port to new decl style
lib/core: add ostree_checksum_file_at API
lib/checkout: fallback to checksum for UNION_IDENTICAL
lib/commit: fix checking flag with bitwise OR
Marcus Folkesson (1):
docs: mention the $OSTREE_REPO environment variable
Matthew Leeds (2):
lib/gpg: Print debug info when reading GPG keys
lib/utils: Check for invalid UTF-8 in filenames
Philip Withnall (10):
lib/bloom: Add some missing preconditions on n_bytes
lib/repo-commit: Import detached metadata even if hardlink exists
docs: Clarify %NULL argument to ostree_sysroot_new()
lib/repo: Clarify that ostree_repo_remote_fetch_summary() doesn’t verify
lib/repo-finder-avahi: Fix a leak in a GVariantIter loop
lib/repo-finder: Add OstreeRepoFinderOverride
lib/sysroot: Expand docs for ostree_sysroot_get_repo()
lib/repo-finder-avahi: Fix memory corruption of a GVariantIter
lib/repo-finder-mount: Fix propagating NULL errors
lib/repo-finder-mount: Ignore mounts which have a ‘system’ file system
Ruixin Bao (3):
ostree: Describe subcommands in help output
ostree: move flags into command struct, pass down through builtins
ostree: provide command description in a better place
Shaun Taheri (1):
static deltas: Set optional flag for superblock
Simon McVittie (3):
Cope with xattr syscalls raising EOPNOTSUPP
Make sure *.am.inc are up to date before `make dist`
ostree-system-generator: Include <libglnx.h> for autocleanups
Git-EVTag-v0-SHA512: ccfdad2f0fb324404c1d8886fb415dbf6447ea369ffbd7047c687e167461234c569c3492e7700d975ee92ca8e8951d6eb90e6c52b231e3e23db72a5ed724486e
Published by cgwalters about 7 years ago
Release 2017.12
Quite a lot in this release. First, on the notable bugfix side,
we fixed an issue where background threads could remain alive
after an error was encountered during pulls. Particularly
for projects like flatpak that do multiple pulls in process, this
is an important fix.
PR: https://github.com/ostreedev/ostree/pull/1185
Another important change related to pulls is that libostree now
performs checksums when mirroring again.
The intent here was to speed up mirroring, but it led to a confusing security
story. Now it's easier to explain: for HTTP pulls we verify checksums
(and this can be disabled), for local filesystem pulls we don't,
(but it can be enabled). We've always verified checksums by
default when pulling from an archive repository into a non-archive.
PR: https://github.com/ostreedev/ostree/pull/1212
Anton Gerasimov contributed a change to the libcurl backend
to support PKCS#11 URIs, useful for storing certificates in a
hardware or software enclave.
PR: https://github.com/ostreedev/ostree/pull/1183
The schema for the experimental OstreeRepoFinderMount API to find OSTree
repos on removable media has changed incompatibly, so that the media doesn’t
need to contain two similar lists of refs. It will now look in .ostree/repos.d,
.ostree/repo, ostree/repo and var/lib/flatpak paths on removable media.
PR: https://github.com/ostreedev/ostree/pull/1179
Similarly, the experimental ostree_repo_resolve_keyring_for_collection() API
has changed to return an OstreeRemote containing the keyring, rather than just
the keyring, making it more generally useful.
PR: https://github.com/ostreedev/ostree/pull/1202
The bloom filter used when finding refs from remote peers has been fixed to
work correctly on 32-bit architectures (such as ARM). This doesn’t change the
bloom filter format, but will require bloom filters created on 32-bit
architectures to be regenerated in order for advertisements from those machines
to work.
PR: https://github.com/ostreedev/ostree/pull/1231
Repositories which have a collection ID set will now put their repository
metadata in an ostree-metadata ref when ostree summary --update is run, in
addition to putting it in the summary file. This is part of a plan to securely
allow unsigned summary files for peer-to-peer pulling of refs. This won’t
happen for repositories which don’t have a collection ID set, or if
--enable-experimental-api is not configured.
PR: https://github.com/ostreedev/ostree/pull/1158
A new ostree create-usb command has been added (if configured with
--enable-experimental-api) which can be used to put refs from repositories onto
removable media in a format which can be detected by OstreeRepoFinderMount.
For example, to allow easy sharing of flatpaks or OS updates between offline
machines.
PR: https://github.com/ostreedev/ostree/pull/1182
OstreeRepo has gained hash() and equal() methods, so it can now easily be used
in a hash table based on its device number and inode, rather than using its
path.
PR: https://github.com/ostreedev/ostree/pull/1179
PR: https://github.com/ostreedev/ostree/pull/1205
A minor bug was fixed in rofiles-fuse, which would cause files to be
created with random mode bits if called for O_RDONLY.
PR: https://github.com/ostreedev/ostree/pull/1200
For clients that use OstreeRepoDevInoCache, a bug was fixed which
caused libostree to ignore callbacks that allow modifying file modes,
ownership, and extended attributes.
PR: https://github.com/ostreedev/ostree/pull/1170
libostree now supports --with-crypto=gnutls. Like the OpenSSL
support, this is currently just checksums, but Jussi Laako
is driving this towards making the GPG
dependency optional and supporting other signature methods.
PR: https://github.com/ostreedev/ostree/pull/1189
In previous releases, libostree learned how to make hardlinks
for local pulls. But if we couldn't hardlink (e.g. the devices
were separate), the local pull code went through a much slower
generic path that included re-checksumming
objects. Now there's a copy/reflink fast path that uses
FICLONE/copy_file_range() directly if possible. This can be
substantially faster.
PR: https://github.com/ostreedev/ostree/pull/1197
ostree prune learned a new --only-branch option. This
can be a lot more convenient for release engineering tasks.
PR: https://github.com/ostreedev/ostree/pull/1127
As usual, more work was done to improve the testsuite. It should
now be able to better detect tmpfs/overlayfs environments. The
upstream CI now also runs tests in a non-overlayfs environment
for better coverage.
PR: https://github.com/ostreedev/ostree/pull/1217
PR: https://github.com/ostreedev/ostree/pull/1170
Anton Gerasimov (1):
Add support for pkcs11 URIs in TLS client key/certificate
Colin Walters (38):
lib/repo: Port gpg signing function to new code style
lib/checkout: Do UNION_FILES via atomic renameat()
lib/pull: Drop partial fetch code from libsoup backend
Update libglnx
tests/prune: Factor out a helper for counting commits in the repo
bin/prune: Add --only-branch
ci: Use distro-sync instead of upgrade
tree-wide: Some glnx_fstatat_allow_noent() porting
lib/repo: Minor cleanup to object import function
lib/pull: Wait for pending ops to complete on error
tests/libtest: Factor out user xattr detection
lib/repo: Don't syncfs or fsync() dirs if fsync opt is disabled
lib/repo: Move alloca() outside of loop
lib/checkout: Squash a gcc maybe-uninitialized warning
tree-wide: Squash a few warnings when building with no features
lib: Move bareuseronly verification into commit/core
lib/commit: Don't try to call linkat() for import on distinct devices
ci: Add an "all options disabled" context
lib/repo: Use correct name for tmpdir lockfile
tree-wide: Remove Emacs modelines
lib/core: Add static assertions for OstreeRepoMode enum values
lib: Define an alias OSTREE_REPO_MODE_ARCHIVE
lib/commit: Some misc porting to decl-after-stmnt
lib/commit: Add a copy fastpath for imports
bin/pull: Fix description of --untrusted
lib/pull: Minor refactoring of metadata scanning function
lib/pull: Refactor to use OstreeRepoImportFlags internally
lib/pull: Default checksum for archive mirror, add TRUSTED_HTTP flag
tests,ci: Move "test-basic" (bare mode) to installed test
lib/pull: Add status for imported objects
ci: Record primary context results using g-d-t-r --log-directory
lib/diff: Add compile-time ABI check on 64 bit arches
tests/commit-sign: Update a bit to more modern style
lib/pull: Don't request deltas for unchanged commits
tree-wide: Bump libglnx, port to new lockfile init
tests: Add 404 tests for dirtree objects too
libarchive: Fix assertion error if used with CANONICAL_PERMISSIONS
Release 2017.12
Jonathan Lebon (11):
build-sys: Post-release version bump
rofiles-fuse: also pass mode for O_RDONLY
tests: allow specifying tmpdir
tests/libtest: check that we have setfattr
Add a .vimrc and .editorconfig
lib/commit: add comments to explain dir commit path
lib/commit: fix using uninitialized var
tests/libtest.sh: always nuke repo and files
lib/commit: don't query devino cache for modified files
tests: check for relabeling rather than overlay
tests/installed: also run test-basic-c
Jussi Laako (1):
Add --with-crypto=gnutls
Matthew Leeds (1):
lib/pull: Clarify use of unsigned summary support
Philip Withnall (21):
lib/repo: Add ostree_repo_equal() for comparing repos
lib/repo-finder-mount: Change the schema for finding repos on volumes
lib/repo: Drop outdated FIXME comment from ostree-repo.h
lib/repo: Add ostree_repo_hash() and tests
lib/repo-finder-mount: Add var/lib/flatpak as a well-known directory
src/pull: Support local pulls for collection–refs
create-usb: Add a create-usb command to complement OstreeRepoFinderMount
lib/repo-refs: Add first version of ostree_repo_resolve_collection_ref()
lib/repo-pull: Use resolve() instead of list() in fetch_ref_contents()
lib/repo-pull: Fix a potential minor leak
lib/repo: Change resolve_keyring_for_collection() to return a remote
lib/remote: Store name of remote providing keyring for dynamic remotes
lib/repo-pull: Fix remote names in refspecs from non-mirror P2P pulls
tests: Add a manual integration test for OstreeRepoFinderMount
tests: Update some tests to use OSTREE_REPO_MODE_ARCHIVE not ARCHIVE_Z2
tests/repo: Drop modeline from top of file
lib/bloom: Fix bloom hashing on 32-bit architectures
lib/bloom: Fix a -Wconversion warning in OstreeBloom
man: Fix a copypasta error in ostree-summary.xml
ostree/summary: Eliminate redundant gotos from error handling path
ostree/summary: Generate an ostree-metadata ref when updating summary
Simon McVittie (4):
tests: Fix JavaScript tests with gjs 1.50.0
test-help.sh: Skip trivial-httpd if enabled
tests: Explicitly unset LANGUAGE after setting LC_ALL
tests: Reset umask to 022 while creating test repository
yceh (1):
bin/commit: Fix build failure when libarchive is not used
Git-EVTag-v0-SHA512: bfa0b7eceb4e4ac915d7ed0a352fa778e47d2ac2bac75fd895ede1f5bcbb65c44848505eb785bac45d57c5574f0ac1d3accb6c323617582cb25c55bc229a3294
Published by cgwalters about 7 years ago
This release has a few new features, some UX improvements for the command
line, and a variety of bugfixes.
First off though is this commit: docs/build: s/libOSTree/libostree/.
The project is now more canonically called "libostree", though "OSTree"
and "ostree" are also fine.
The most important bugfix for anyone using rofiles-fuse (typically
build systems, rpm-ostree also uses it) is:
Alexander Larsson (1):
rofiles-fuse: Fix lchown() and hardlink verification for symlinks
https://github.com/ostreedev/ostree/pull/1137
On the features side, we've added a few new APIs to the libarchive
importing and checkout path that will be used by rpm-ostree. This
should be of interest to anyone using libostree for build systems
or underlying a hybrid image/package system like rpm-ostree. For
example rpm-ostree automatically converts RPMs that have content
in /boot: https://github.com/projectatomic/rpm-ostree/pull/969
using the new libarchive filtering that landed here in libostree.
This is because ostree doesn't support updating anything in /boot
besides the bootloader configuration.
Another good example of a package system integration change is the
new OSTREE_REPO_CHECKOUT_OVERWRITE_UNION_IDENTICAL - this matches
the RPM semantic of merging identical files. Thanks to
Ruixin Bao!
https://github.com/ostreedev/ostree/pull/1105
Also on the host system side, there is a new (canonical) place
for build systems to put the kernel/initramfs: /usr/lib/modules/$kver.
This change matches the current Fedora kernel RPM, and was originally
inspired by changes coming from the systemd camp. More information:
https://github.com/ostreedev/ostree/pull/1079
Guy Shapiro contributed a change to have all of the deployments
show up in the uboot configuration, to help enable automatic fallback
if a new OS fails to boot.
https://github.com/ostreedev/ostree/pull/1138
Colin Walters did a lot of style cleanups, some "error prefixing"
work to ensure we produce understandable errors in more situations,
and one other notable cleanup:
boot: Add a tmpfiles.d snippet to clean up /var/tmp/ostree-ovl.XXX
This should be nice for anyone who uses ostree admin unlock frequently.
Dan Nicholson has been doing a lot of work on improving libostree's
management of configuration for remotes:
https://github.com/ostreedev/ostree/pull/1155
Jonathan Lebon did a lot of cleanup in the command line parsing
and fixes for --help, and also helped with the new --selinux-label
option for ostree commit. (And also did tons and tons of code review!)
Robert McQueen has been continuing work on fixing up libostree's handling of
GPG keys that have subkeys - there's now:
lib/gpg: Add _FINGERPRINT_PRIMARY to OstreeGpgVerifyResult
which effectively reverts an earlier change to make the primary key
show up as the main fingerprint.
Philip Withnall and Simon McVittie contributed build system and test
fixes.
$ git shortlog v2017.10..6c0738a000800856d09774d50d16d84c1b537a7b
Alexander Larsson (1):
rofiles-fuse: Fix lchown() and hardlink verification for symlinks
Colin Walters (46):
build-sys: Post-release version bump
boot: Add a tmpfiles.d snippet to clean up /var/tmp/ostree-ovl.XXX
bin: Squash some -Wuninit warnings with porting to new style
lib/sysroot: Support /usr/lib/modules/$kver for kernel/initramfs
docs/build: s/libOSTree/libostree/
lib/deploy: Add .img to end of initramfs in /usr/lib/modules
lib/pull: Add support for timestamp-check option, use in upgrader
lib/commit: Remove duplicated function for filter processing
lib/commit: Honor commit filter for libarchive --tar-autocreate-parents
build/maint.mk: Comment out setting of LC_ALL
bin/main: Remove duplicated usage output on unknown commands
lib/repo: Add some assertions for ABI sizes
bin/commit: Add --selinux-policy option
libarchive: Add support for translating paths during commit
tree-wide: Replace archive-z2 with archive
bin/prune: Port to new style
bin/admin: Port switch,upgrade to new style
bin/admin: Check for booted deployment to see if we should reboot
bin/admin: Change init-fs to stop loading a sysroot to init one
bin/admin: Do sysroot loading during argument parsing
bin/admin: Check for booted sysroot for root-required commands
ci: Hackaround Fedora rpm/libdb/glibc issue
lib/repo: Add apidoc for repo properties
lib/repo: Add error prefixing during hardlink object import
bin/local-pull: Clarify docs, add more tests for corrupted local pulls
lib/sysroot: A bit more new style porting
lib/gpg: Use nicer helper for gpg error messages
lib/gpg: Port a few misc gpg functions to new style
tests/rofiles-fuse: Add tests for chmod/chown
tree-wide: Use helpers for unlinkat()
lib/commit: Update docs/code style for ostree_repo_scan_hardlinks()
lib/pull: Only look for cookie files for non-local remotes
lib/pull: A bit of new style porting
lib/commit: Add some error prefixing for txn commit/tmpdir
lib/sysroot: Use fd-relative acccess for bootversion cleanup
tree-wide: Add error prefixing for most remaining syscalls
lib/grub2: Port some to new code style
lib: Add a private helper to abort txns, use in sysroot cleanup
lib/syslinux: Port to new code style
ci: Fixate CentOS container image until rpm-md repos sync
lib/sysroot: Use direct g_mkdtemp() for overlay tmpdir
build-sys: Add -Werror=switch
lib/repo: Port tmpdir locking func to new style
lib/checkout: Rename disjoint union, change to merge identical files
tests: Port some bits of C to new style
Release 2017.11
Dan Nicholson (4):
repo: Fix non-system remotes-config-dir usage
sysroot: Reload config after setting sysroot kind
repo: Add add-remotes-config-dir option
repo: Ensure new config doesn't set remotes in separate file
Guy Shapiro (3):
lib/sysroot: fix placement for not-default deployment
uboot: move system uEnv merge to new function, clean up
uboot: add non-default deployments to uEnv.txt
Jonathan Lebon (12):
tests: fix admin upgrade timestamp file check
pull: better description for --mirror
ostree-sysroot: convert function to new style
ostree-sysroot: make simple_write_deployment smarter
commit: filter out selinux label before commit
bin/main: Print usage when no command given
bin/config: Tweak parameter string
tests/test-help.sh: Rework and strengthen checks
bin/admin: Don't require root for instutil
bin/static-delta: Convert to new style and tweak output
bin/admin: Don't load sysroot for root commands
bin/remote: don't load repo on root command
Matthew Leeds (5):
lib/repo-refs: Include remote refs when using collections
lib/repo-refs: Fix typos in last commit
tests: Make the deployment mutable in test-sysroot.js
tests: Check "refs -c PREFIX" behavior
lib/repo: Update outdated comment
Philip Withnall (2):
build: Add distcheck configure flags to fix systemd and bash-completion
build: Ensure ostree-tmpfiles.conf is distributed
Robert McQueen (3):
lib/gpg: Add _FINGERPRINT_PRIMARY to OstreeGpgVerifyResult
lib/gpg: Correct missing line prefix with bad signatures
lib/gpg: Provide the public key to the duplicate check
Ruixin (1):
checkout: add an extra checkout_overwrite mode
Simon McVittie (6):
test-libarchive-import: Skip if extended attributes are unsupported
test-pull-bareuser.sh: This test uses bare-user, hence needs xattrs
libtest: Allow skipping single checks without user xattrs
basic-test: Skip explicit uses of bare-user if no user xattrs
test-basic-user-only: Skip final step if no user xattrs
Remove shebang from bash completions
Git-EVTag-v0-SHA512: 2b541ac9e19ad265e6b95bf04d2d3bb0efedf95e301709e0261ca74401b4fb3f8431d39c312527537cd3bb94c6870adb5c71b477a8684ac2b04807b50770bb9d
Published by cgwalters about 7 years ago
In this release, Philip set up Coverity scans, and we fixed
all of the problems it found. I'm proud that we ended up
with a notably lower than average defect density. None of
the issues were critical; the only off-by-one array indexing
for example was in a test case.
Two new contributors showed up and submitted patches for
the documentation - it's hard to describe how happy this makes me!
bash: Add bash completion (Matthew Barnes)
is a quite welcome change as well!
There are a number of smaller features:
lib/repo: Add API to create and list ref aliases
We're planning to use this for Fedora Atomic Host to
define a version-independent ref, while still offering
per-major refs.
repo: Introduce ostree_repo_open_at() and ostree_repo_create_at() is
a notable new API, and finally completes our fd-relative porting for
OstreeRepo. The semantics of these functions are nicer; it's now
more convenient to unconditionally call ostree_repo_create_at() for
example to ensure a repository exists, returning the opened result.
lib/sysroot: Add journal-msg signal is a nice cleanup in that we finally
stopped doing printf() in the library code for OstreeSysroot. If you
maintain a client, you should start listening for this signal, like the demo
command line does (if you want the text of course).
In the "important bugfixes" category,
pull: mark commits from local cache as partial
fixes up the --localcache-repos logic, which is used in
Fedora's Anaconda at least.
Philip also contributed a number of bugfixes for the collections
logic as well as cases of trying to download a missing summary file.
Thanks to all contributors!
Colin Walters (39):
build-sys: Post-release version bump
grub2: Handle aarch64 (at least on Fedora/RHEL)
lib/pull: Journal fetch results
docs/pull: Finish incomplete docs for pull@hash syntax
tests: Add some return value checking to pacify Coverity
bin/refs: Fix error handling logic
tests/lzma: Use GRand over random()
rofiles-fuse: Add missing error handling for fcntl()
tests/lzma: Fix off-by-one in buffer size
lib/commit: Rework a conditional set for clarity and Coverity
lib/curl: Only check individual request errors
lib/gpg: Switch to GLib autocleanups for gpgme types
tree-wide: Use GLib autocleanups for libarchive
lib/sysroot: Add prefixes to syncfs/fsync error messages
lib/deploy: Add structured logging info for syncfs() times
lib/repo: Add API to create and list ref aliases
lib/pull: Log state of summary/commit GPG verification
tests/libtest-core.sh: Add a comment that this copy is canonical
tree-wide: Use g_autoptr(Ostree*)
lib: Define and use an autoptr cleanup for gpgme_key_t
tree-wide: Fix the build with old glib (Ubuntu Trusty etc.)
lib/deltas: Squash Coverity warning for div-by-zero in delta show
bin/pull: Fix @ override syntax when pulling multiple refs
tree-wide: Remove trailing semicolon from autoptr declarations
lib: Port gpg verification for remotes to fd-relative
lib/deploy: Use a FIFREEZE/FITHAW cycle for /boot
lib/sysroot-deploy: Port a kernel finding logic to new style
lib/sysroot-deploy: Refactor kernel layout parsing
lib/sysroot: Add journal-msg signal
lib/deploy: Close test suite race condition
repo: Introduce ostree_repo_open_at() and ostree_repo_create_at()
Update libglnx
build-sys: Move bash completions to /usr/share/ by default
lib/deploy: Really close testing race condition
lib/deploy: Ignore errors from FITHAW
lib/sysroot: Port a few functions to new style
docs/related-projects: Tweak client side snapshot text, add casync
lib: Fix v2017.10 symbols to inherit from v2017.8
Release 2017.10
Guy Shapiro (2):
Documentation: README: Remove deprecated wiki link
Documentation: static delta default from
Jonathan Lebon (5):
man: document configured branches
pull: mark commits from local cache as partial
ostree-deployment.c: simplify equality check
pull: mention libcurl in NOT_SUPPORTED pull path
ot-main.c: fix signal callback signature
Lisa St. John (1):
Update introduction.md
Matthew Barnes (2):
bash: Add bash completion
ostree: Add naggy comments to help keep options in sync
Matthew Leeds (2):
main: Fix subcommand usage output
man: Update ostree-refs manpage
Philip Withnall (12):
lib/repo-pull: Fix counting of latest commits when finding repos
lib/repo-finder: Avoid a potential unref-of-NULL crash
lib/repo-pull: Add a missing precondition
lib/repo-refs: Add ostree_repo_remote_list_collection_refs() API
lib/repo-finder-avahi: Drop redundant conditional
lib/repo-commit: Drop unreachable conditional branch
lib/sepolicy: Drop duplicate assignment
ostree/parse-datetime: Ensure tm structs are initialised
lib/repo: Fix handling of missing summary files when downloading
lib/repo-finder: Emit gpg-verify-summary=false in dynamic remote config
lib/gpg-verify: Add an OstreeGpgError error domain
lib/repo-finder-config: Add some more debug output
Robert McQueen (2):
gpg-verify-result: canonicalise key when looking up signatures
gpg-verify-result: try to display the primary key ID from signatures
Stef Walter (2):
autogen.sh: Fix running out of tree
man: The min-free-space-percent item goes in [core] section
Git-EVTag-v0-SHA512: af9b85f48e6f3e2de6393ab5f458e6ef405c82a1f618b8fe3c2441fa149d629f9ab464907695a9c8eb82de413692ec1015421f0958315dffe514f23ce798db3d
Published by cgwalters about 7 years ago
A notable new feature in this release is that the pull machinery now interprets
two new metadata keys: ostree.ref-binding and ostree.collection-binding.
This allows closing a longstanding class of "sidegrade" attacks that Florian
Weimer identified when performing a security audit of libostree years ago:
https://bugzilla.gnome.org/show_bug.cgi?id=724873
There was a more recent discussion on this topic on the list:
https://mail.gnome.org/archives/ostree-list/2017-May/msg00013.html
For the ostree-as-host case, this only matters if you offer multiple refs. For
flatpak, it's more important as a MITM attacker could actually switch applications;
that's why flatpak implemented this a while ago as xa.ref.
I'll note here that it's recommended for content providers to make use of
ostree's support for tls-ca-path to implement TLS CA pinning, which protects
all metadata and content in a strong fashion; in this scenario the GPG
signatures act as a secondary layer of defense and make offline verification
easier (for e.g. mirroring).
Otherwise, there's some performance enhancements for local pulls, and a variety
of bugfixes.
Thanks to all contributors!
Colin Walters (24):
build-sys: Post-release version bump
deploy: Port some functions to new style
checkout: Don't set dir mtime to 0 when doing a force copy checkout
tests: Run pull tests for bare/bare-user
lib/pull: Avoid journaling 404s for optional content
ci/papr: Update to F26
lib/pull: Do local content imports async too
Add a notion of "physical" sysroot, use for remote writing
bin/cookies: Drop libsoup code, fix fd-relative issues, new style
lib/pull: Drop direct use of ->repodir
Update libglnx, port various bits to new API
core: Sanitize error text validating refs (e.g. against HTML)
lib/repo: Auto-recreate repo/tmp if it's deleted
ci/papr: Switch primary to libcurl, add libsoup context
lib/commit: Fix EBADF with GENERATE_SIZES option for commit
ci/papr: Add a suite to run introspection-based tests without ASAN
lib: Add #defines for current well-known metadata keys
tests: More fixes for gjs tests
ci: Enable -Werror for clang
build: Turn off default warnings if we find -Werror specified
Update libglnx, port some uses to newer APIs
lib/core: Add #defines for ref/collection binding
ci: Enable libcurl by default on Fedora
Release 2017.9
Emmanuele Bassi (1):
Move the include directive to the enum template
Krzesimir Nowak (4):
ostree: Add collection and ref bindings to metadata on commit
lib/pull: Pass the ref together with the request
lib/pull: Collection and ref bindings verification
tests: New tests for creating commits with bindings and pulling them
Philip Withnall (4):
lib/repo-commit: Fix types of content size cache entries
lib/repo: Add OSTREE_REPO_METADATA_REF as a well-known metadata store
build: Ensure all .sym files are distributed in tarballs
build: Ensure all experimental tests are distributed in tarballs
Ruixin (1):
lib: Add #define for endoflife metadata key
Simon McVittie (1):
build: Don't distribute generated man pages
Git-EVTag-v0-SHA512: d5eff57f587038fcb29ee373db2ecae03908bb1fb0cbbad8d6f30fa8ec618c24b7312b03a4b958a8c10ce1450525382609f6726e837b77a7de8aa26c87a9cf67
Published by cgwalters over 7 years ago
This is a quicker release closely following 2017.7, but it still
includes a number of changes. First, a lot of work is landing
from Philip/Krzesimir for doing "collections" and pulling
content from Avahi/USB drives etc. That work is still underneath
--enable-experimental-api, but look for more from that soon!
Other notable user-visible feature PRs from this cycle are:
lib/repo: Add min-free-space-percent option, default 3%: https://github.com/ostreedev/ostree/pull/987
Add "pull --localcache-repo": https://github.com/ostreedev/ostree/pull/982
An important bugfix for bare-user repo mode owners is:
lib/commit: Ensure bare-user objects are always user-readable: https://github.com/ostreedev/ostree/pull/989
Besides that we have a lot of code cleanup, CI work, etc.
Thanks to all contributors!
Colin Walters (44):
main: DevelBuild=yes to `ostree --version` for devel builds
build-sys: Post-release version bump
repo: Squash a gcc `-Wmaybe-uninitialized` warning
ci: Enable -Werror=maybe-uninitialized
lib/core: Avoid NULL deref in content_file_parse() if out variable unset
lib/repo: Split archive/bare file parsing
lib/repo: More cleanup of load_file() internals
lib/deltas: Port to more to new code style
cmd/fsck: Port to new style
tests: add a syntax-check rule for glnx_prefix_error()
lib/commit: Clean up commit file type handling variables
lib: Hoist unlinkat() cleanup API to fsutil, use in pull
lib: Use OtTmpFile for static delta processing
lib/commit: Fix fallocate size for bare-user symlinks
lib/ref: Suppress more collection ref methods from introspection
ci: Make introspection warnings fatal
lib/deltas: Some style porting
build: Don't scan ostree-remote.h for introspection if !experimental-api
pull: Check free space when pulling deltas
ci: Actually run installed tests again
Port to GLnxTmpfile
tree-wide: Misc porting to newer libglnx APIs
libutil: Add a helper for O_TMPFILE + mmap()
lib/commit: Refactor non-failable size indexing function
lib/deltas: More porting to new code style
lib/repo: Port bareuser-conversion stat to bare load
lib/pull: Some small style porting
tests: Fix assert_files_hardlinked
lib/pull: Don't fetch detached metadata twice for local pulls
tree-wide: Replace various uses of `archive-z2` → `archive`
cmdline/pull: Print final status even if noninteractive
lib: Add a helper to convert struct stat → GFileInfo
lib/commit: Port a few minor functions to new style
lib/pull: Move check for requested content earlier
Add "pull --localcache-repo"
lib/commit: Fix a tmpfile fd leak in static delta processing
bin/commit: Port helper functions to new style
bin/commit: Add '=' to --statoverride
lib/commit: Ensure bare-user objects are always user-readable
lib/commit: Use provided length when doing writes
lib/repo: Add min-free-space-percent option, default 3%
pull: Cleanly error when doing local pulls of remote-prefixed refs
lib/repo: Immediately error creating bare-user repo on tmpfs
Release 2017.8
Jonathan Lebon (6):
ci: add ci-release-build.sh
papr: build and test on c7
test-switchroot.sh: skip if no busybox
codebase: start using GLNX_HASH_TABLE_FOREACH macros
ci: unconditionally turn on -Werror
pull: fix GLNX_HASH_TABLE_FOREACH_KV regressions
Philip Withnall (31):
build: Add ‘devel’ or ‘release’ to OSTREE_FEATURES for test-symbols.sh
lib/core: Add ostree_validate_remote_name() for remote names
lib/core: Fix ‘Since’ line for ostree_validate_remote_name()
lib/sym: Fix symbol versions for 2017.7 experimental symbols
lib/remote: Fix ‘Since’ line for OstreeRemote
lib/repo: Split out ref handling from regenerate_summary()
lib/ref: Add OstreeCollectionRef type for globally unique refs
lib/repo: Add collection ID support to OstreeRepo
lib/refs: Add methods for setting/listing collection–refs
lib/pull: Add collection support to ostree_repo_pull_with_options()
lib/repo-finder: Add basic support for finding remote URIs by ref name
lib/repo-finder: Add config-file based OstreeRepoFinder implementation
lib/repo-finder: Add mount based OstreeRepoFinder implementation
lib/bloom: Add an internal bloom filter implementation
lib/repo-finder: Add Avahi based OstreeRepoFinder implementation
find-remotes: Add a find-remotes built-in command
find-remotes: Add pull support to the find-remotes built-in command
init: Add a --collection-id argument to the built-in init command
remote-add: Add a --collection-id argument to the built-in add command
refs: Add a --collections argument to the built-in refs command
ostree/dump: Include collection IDs and mirrored refs in summary dumps
ostree/builtins: Add support for collection–refs to a few utilities
tests: Add integration tests for collections
lib/refs: Add runtime error checking for collection ID validity
lib/repo: Fix a typo in a documentation comment
tests: Fix incorrect `summary --update` usage in test-local-pull.sh
ostree/summary: Add support for adding additional metadata
lib/pull: Don’t cache summary file until its signature is verified
lib/pull: Check whether summary is in normal form when loading it
lib/pull: Use ostree_repo_verify_summary() to verify summary on pull
lib/repo: Fix repo-finder deleting remote configs when run
Simon McVittie (1):
build: Always include ostree-trivial-httpd.xml in tarballs
Git-EVTag-v0-SHA512: e1c420d6528a51dc5daacaec241c6ffaa66be4ba8e07d61bad74086e6add9418a036f26f571e13ea90db482ff2985608c97faa3eb951216a0411cf062de8a4cc
Published by cgwalters over 7 years ago
The most notable thing for this release is that for flatpak users/distributors,
this release adds a lot of (opt-in) hardening against setuid or world-writable
files. These issues are also (to a lesser degree) applicable to ostree-based
build systems which use the bare-user repository mode. A pending flatpak
version will require this version of libostree. More information in:
https://github.com/flatpak/flatpak/issues/845
For ostree-as-host, we fixed a major regression in SELinux labeling for
/etc (only applies to SELinux-using host systems).
Known issue: test-symbols.sh will fail when building from the tarball (as
opposed to a git clone). Pending fix: https://github.com/ostreedev/ostree/pull/944
Besides that, there's various smaller cleanups and fixes. It's great to see
contributors from a variety of organizations; having libostree be a shared
infrastructure layer across distributions is a longstanding vision. Thanks to
all contributors!
Alexander Larsson (5):
fetcher: Send Accept-Encoding: gzip when downloading summary
repo: After renaming in all loose objects, ensure metadata is stable
lib/repo: Always look in staging directory for objects
pull: When mirroring, only replace summary if we're doing a full mirror
static delta apply: Work on bare-user-only repos
Anton Gerasimov (1):
lib/sysroot: Add API to get pending/rollback for given stateroot
Brian C. Lane (1):
Remove the OSTREE_MAX_RECURSION limit on metadata depth
Colin Walters (51):
tests/test-symbols.sh: Fix with --enable-experimental-api
ci: Add unit case for --enable-experimental-api
tests/libtest-core: Copy rpm-ostree changes, clean up
bin/cookies: Delete dead tmpfile code in cookie list command
Add stub for new libglnx tmpfile API, port simpler callers to it
lib/deploy: Port config merge logic to new code style
tests: Add some C tests for object writing
pull-test: Add some 404 tests
lib/fsutil: Delete unused GFile ioctl method
lib/fsutil: Port to new code style
lib: Add an "is_system" member to OstreeRepo
lib/sysroot: Add non-failable ostree_sysroot_repo()
tree-wide: Add+run spatch to use glnx_throw()
cmd: Use autoptr for GKeyFile
lib/util: Some style conversion
Add a notion of "physical" sysroot, use for remote writing
repo/commit: Dedup metadata writing API implementations
repo/commit: Dedup content writing API implementation
repo/commit: In the expected checksum case, check existence early
repo/commit: Don't renormalize trusted metadata
repo/commit: Split up metadata/content commit paths
lib/repo: Delete unused private prototypes
Revert "Add a notion of "physical" sysroot, use for remote writing"
Don't install trivial-httpd man page if not enabled
Canonicalize bare-user-only perms with 0755 mask
builtins/cat: Port to new code style
lib/repofile: Port mostly to new code style
lib/repofile: Follow symlinks for `g_file_read()`
lib/repo: For bare-user, mask content object modes with 0775
tests: Add a test for bare-user-only failing to commit suid content
repo/commit: Support group-writable files for bare-user-only
ci: Update to match current rpm-ostree
ci: Add CentOS 7 build
repo: Fix leak of superblock fds when generating summary
lib/commit: Port final object writing function to new code style
lib/commit: Drop some conditionals/clarify code in content path
lib/checkout: Ignore world-writable dirs for bare-user-only checkout
lib/repo: Refactor object copy import function
lib/repo: Skip import via hardlink if repo owners don't match
lib/repo: Import metadata via hardlink even for distinct repo modes
lib/repo: Support hardlink conversions from bare-user to bu-only
lib/pull: Add OSTREE_REPO_PULL_FLAGS_BAREUSERONLY_FILES
lib/checkout: Add bareuseronly_dirs option
build-sys: post-release version bump
lib/sysroot: Add some g_prefix_error() for ostree_sysroot_cleanup()
lib/pull: Extend BAREUSERONLY_FILES flag to HTTP requests
lib: Split symbol versioning into -released and -devel
checkout: Fix SELinux policy labeling when recursing
tests: Fix previous commit for selinux testing
build-sys: Add "release build" flag, use for symbol versioning
Release 2017.7
Daniel Drake (2):
libtest: allow committing to alternative branches
Allow commits to mark refs as EOL, replaced by others
David Shea (1):
lib/repo: Fix annotations for out parameters
Jonathan Lebon (6):
pull: complete detached meta fetch before scanning
PAPR: migrate to the new name
checkout: don't apply SELinux labeling in user mode
checkout: also chmod in the user checkout case
manual: document bare-user-only repo mode
basic-test.sh: explicitly check for uncompressed objects
Krzesimir Nowak (1):
lib/sysroot: Document the NO_CLEAN flag
Owen W. Taylor (1):
lib/repo: Don't copy xattrs when manipulating the GPG keyring
Philip Withnall (16):
lib/remote: Add a getter for OstreeRemote.name
lib/remote: Add internal annotations to OstreeRemote
lib/remote: Add arguments to internal OstreeRemote constructor
lib/repo: Add return value to _ostree_repo_add_remote()
lib/repo: Make ost_repo_remove_remote() available internally
lib/remote: Fix compilation with --enable-experimental-api
build: Use AM_TESTS_ENVIRONMENT rather than TESTS_ENVIRONMENT
lib/repo: Reindent some code in regenerate_summary() for clarity
lib/pull: Fix a typo in a documentation comment
lib/pull: Simplify a for-loop initialisation
lib/pull: Drop some trailing whitespace
lib/pull: Fix an over-indented block
ostree/dump: Improve formatting for well-known commit metadata keys
lib/repo: Omit deltas from the summary file if there are none
lib/fetcher: Add cleanup function for OstreeFetcher
lib/pull: Fix construction of a refspec to use the correct separator
Tristan Van Berkom (1):
ostreee-version.h.in: Added Since: version annotations
Git-EVTag-v0-SHA512: 5115bcfa837cf59ed3672f5c7717796091ce2e88eb3ecb75148d14055246529afc2206d8e02540d2f6cb0254bee4d29506b47dbd65212f5a0b14a846f1cc986e
-----BEGIN PGP SIGNATURE-----
iQEwBAABCgAaBQJZR/ALExx3YWx0ZXJzQHZlcmJ1bS5vcmcACgkQ3EX9WSHBPwsj
Fwf+J5XIzBg7EWZOvM46tJsIz4SheSC0ULEIOT497S25mZepMUbyWfp5eS1pgr8O
daj/tUwRqWjC84kTF6lo0ChBahQl6d+QFQsC8HYdyKfBgnIfVOEkKfdea5Q2Syed
Ox/ntiPUDdO1bUZ+72X6TpQGaBhV1XfL8l9GT91ZCRgQ22yt3i0hdiAJOX+ka0ix
bD3Dy1LQz/CieUz7ViAMHWxZvva42a+ybKdzgX2r0W9Ci6NXXysOSMtKXCzoNyZl
rf0lzpmx0LpddICUEkn07uSoC2y9Yep8JRH4UKJ5vdbP3h76D1cMckRwNvYvtsjO
vapkPL9pqn/Fv2Rr/oNY3WPJ5w==
=IYbt
-----END PGP SIGNATURE-----