From 140d6fbac96582b16f8714bb1e93fb1cd9ba7c13 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Wed, 24 Jul 2024 13:11:34 +0200 Subject: [PATCH] More specific error message on a locked OSTree system or a bootc system without a usr-overlay Resolves: RHEL-49670 --- ...r-ostree-based-systems-and-warn-user.patch | 99 ++++++++++++++++ ...pdate-ostree-bootc-host-system-check.patch | 108 ++++++++++++++++++ ...hosts-message-to-point-to-bootc-help.patch | 32 ++++++ dnf.spec | 9 +- 4 files changed, 247 insertions(+), 1 deletion(-) create mode 100644 0027-Add-detection-for-ostree-based-systems-and-warn-user.patch create mode 100644 0028-Update-ostree-bootc-host-system-check.patch create mode 100644 0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch diff --git a/0027-Add-detection-for-ostree-based-systems-and-warn-user.patch b/0027-Add-detection-for-ostree-based-systems-and-warn-user.patch new file mode 100644 index 0000000..f5ffe95 --- /dev/null +++ b/0027-Add-detection-for-ostree-based-systems-and-warn-user.patch @@ -0,0 +1,99 @@ +From d100c8d717cb6fbd6ba9e16028a56b140275bc8b Mon Sep 17 00:00:00 2001 +From: David Cantrell +Date: Thu, 15 Feb 2024 14:03:32 -0500 +Subject: [PATCH 1/3] Add detection for ostree-based systems and warn users + about losing changes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Upstream commit: 5c050ba2324c5fb95bf0e0501c7925f38f6a09dc + +On ostree-based systems, users can use dnf to customize the +environment but those changes will be lost at the next ostree-based +image update. If you want to retain changes between ostree-updates +you need to make use of rpm-ostree right now. + +Signed-off-by: David Cantrell +Resolves: https://issues.redhat.com/browse/RHEL-49670 +Signed-off-by: Petr Písař +--- + dnf/cli/cli.py | 9 +++++++++ + dnf/util.py | 31 +++++++++++++++++++++++++++++++ + 2 files changed, 40 insertions(+) + +diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py +index 0c4f4c6ad..1fd0e96c3 100644 +--- a/dnf/cli/cli.py ++++ b/dnf/cli/cli.py +@@ -214,6 +214,15 @@ class BaseCli(dnf.Base): + elif 'test' in self.conf.tsflags: + logger.info(_("{prog} will only download packages, install gpg keys, and check the " + "transaction.").format(prog=dnf.util.MAIN_PROG_UPPER)) ++ if dnf.util.is_container(): ++ _container_msg = _(""" ++*** This system is managed with ostree. Changes to the system ++*** made with dnf will be lost with the next ostree-based update. ++*** If you do not want to lose these changes, use 'rpm-ostree'. ++""") ++ logger.info(_container_msg) ++ raise CliError(_("Operation aborted.")) ++ + if self._promptWanted(): + if self.conf.assumeno or not self.output.userconfirm(): + raise CliError(_("Operation aborted.")) +diff --git a/dnf/util.py b/dnf/util.py +index 16c5bc89c..9909f8fea 100644 +--- a/dnf/util.py ++++ b/dnf/util.py +@@ -33,11 +33,13 @@ import errno + import functools + import hawkey + import itertools ++import json + import locale + import logging + import os + import pwd + import shutil ++import subprocess + import sys + import tempfile + import time +@@ -631,3 +633,32 @@ def _post_transaction_output(base, transaction, action_callback): + def _name_unset_wrapper(input_name): + # returns for everything that evaluates to False (None, empty..) + return input_name if input_name else _("") ++ ++ ++def is_container(): ++ """Returns true is the system is managed as an immutable container, ++ false otherwise. If msg is True, a warning message is displayed ++ for the user. ++ """ ++ ++ bootc = '/usr/bin/bootc' ++ ostree = '/sysroot/ostree' ++ ++ if os.path.isfile(bootc) and os.access(bootc, os.X_OK): ++ p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) ++ (out, err) = p.communicate() ++ ++ if p.returncode == 0: ++ # check the output of 'bootc status' ++ j = json.loads(out) ++ ++ # XXX: the API from bootc status is evolving ++ status = j.get("status", "") ++ kind = j.get("kind", "") ++ ++ if kind.lower() == "bootchost" and bool(status.get("isContainer", None)): ++ return True ++ elif os.path.isdir(ostree): ++ return True ++ ++ return False +\ No newline at end of file +-- +2.45.2 + diff --git a/0028-Update-ostree-bootc-host-system-check.patch b/0028-Update-ostree-bootc-host-system-check.patch new file mode 100644 index 0000000..de4e0e0 --- /dev/null +++ b/0028-Update-ostree-bootc-host-system-check.patch @@ -0,0 +1,108 @@ +From 734aab779bfd6c1792dd17528b30215a715fa898 Mon Sep 17 00:00:00 2001 +From: Joseph Marrero +Date: Tue, 16 Jul 2024 15:48:41 -0400 +Subject: [PATCH 2/3] Update ostree/bootc host system check. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Upstream commit: 6120fe52511775b60b6031d4169988c025610ab5 + +This changes the is_container() func for _is_bootc_host() +and updates the logic and message. This should detect on +all ostree and bootc hosts to date that are not using +bootc usroverlay or ostree admin unlock for development +purposes. + +Resolves: https://issues.redhat.com/browse/RHEL-49670 +Signed-off-by: Petr Písař +--- + dnf/cli/cli.py | 11 +++++------ + dnf/util.py | 33 ++++++++------------------------- + 2 files changed, 13 insertions(+), 31 deletions(-) + +diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py +index 1fd0e96c3..8521dd351 100644 +--- a/dnf/cli/cli.py ++++ b/dnf/cli/cli.py +@@ -214,13 +214,12 @@ class BaseCli(dnf.Base): + elif 'test' in self.conf.tsflags: + logger.info(_("{prog} will only download packages, install gpg keys, and check the " + "transaction.").format(prog=dnf.util.MAIN_PROG_UPPER)) +- if dnf.util.is_container(): +- _container_msg = _(""" +-*** This system is managed with ostree. Changes to the system +-*** made with dnf will be lost with the next ostree-based update. +-*** If you do not want to lose these changes, use 'rpm-ostree'. ++ if dnf.util._is_bootc_host(): ++ _bootc_host_msg = _(""" ++*** Error: system is configured to be read-only; for more ++*** information run `bootc status` or `ostree admin status`. + """) +- logger.info(_container_msg) ++ logger.info(_bootc_host_msg) + raise CliError(_("Operation aborted.")) + + if self._promptWanted(): +diff --git a/dnf/util.py b/dnf/util.py +index 9909f8fea..e68dd5733 100644 +--- a/dnf/util.py ++++ b/dnf/util.py +@@ -33,13 +33,11 @@ import errno + import functools + import hawkey + import itertools +-import json + import locale + import logging + import os + import pwd + import shutil +-import subprocess + import sys + import tempfile + import time +@@ -635,30 +633,15 @@ def _name_unset_wrapper(input_name): + return input_name if input_name else _("") + + +-def is_container(): ++def _is_bootc_host(): + """Returns true is the system is managed as an immutable container, + false otherwise. If msg is True, a warning message is displayed + for the user. + """ +- +- bootc = '/usr/bin/bootc' +- ostree = '/sysroot/ostree' +- +- if os.path.isfile(bootc) and os.access(bootc, os.X_OK): +- p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) +- (out, err) = p.communicate() +- +- if p.returncode == 0: +- # check the output of 'bootc status' +- j = json.loads(out) +- +- # XXX: the API from bootc status is evolving +- status = j.get("status", "") +- kind = j.get("kind", "") +- +- if kind.lower() == "bootchost" and bool(status.get("isContainer", None)): +- return True +- elif os.path.isdir(ostree): +- return True +- +- return False +\ No newline at end of file ++ ostree_booted = '/run/ostree-booted' ++ usr = '/usr/' ++ # Check if usr is writtable and we are in a running ostree system. ++ # We want this code to return true only when the system is in locked state. If someone ran ++ # bootc overlay or ostree admin unlock we would want normal DNF path to be ran as it will be ++ # temporary changes (until reboot). ++ return os.path.isfile(ostree_booted) and not os.access(usr, os.W_OK) +\ No newline at end of file +-- +2.45.2 + diff --git a/0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch b/0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch new file mode 100644 index 0000000..7ef7a73 --- /dev/null +++ b/0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch @@ -0,0 +1,32 @@ +From 6461b97ef7c2f51fcd1377442cc4b3ce30675c61 Mon Sep 17 00:00:00 2001 +From: Joseph Marrero +Date: Mon, 22 Jul 2024 15:33:32 -0400 +Subject: [PATCH 3/3] Update bootc hosts message to point to bootc --help +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Upstream commit: e2535589ce16bc36b96b37369502a3c312f6056a +Resolves: https://issues.redhat.com/browse/RHEL-49670 + +Signed-off-by: Petr Písař +--- + dnf/cli/cli.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py +index 8521dd351..99af9069b 100644 +--- a/dnf/cli/cli.py ++++ b/dnf/cli/cli.py +@@ -217,7 +217,7 @@ class BaseCli(dnf.Base): + if dnf.util._is_bootc_host(): + _bootc_host_msg = _(""" + *** Error: system is configured to be read-only; for more +-*** information run `bootc status` or `ostree admin status`. ++*** information run `bootc --help`. + """) + logger.info(_bootc_host_msg) + raise CliError(_("Operation aborted.")) +-- +2.45.2 + diff --git a/dnf.spec b/dnf.spec index d2842c9..7ebcfbd 100644 --- a/dnf.spec +++ b/dnf.spec @@ -69,7 +69,7 @@ It supports RPMs, modules and comps groups & environments. Name: dnf Version: 4.14.0 -Release: 15%{?dist} +Release: 16%{?dist} Summary: %{pkg_summary} # For a breakdown of the licensing, see PACKAGE-LICENSING License: GPLv2+ @@ -101,6 +101,9 @@ Patch23: 0023-Limit-queries-to-nevra-forms-when-provided-by-comman.patch Patch24: 0024-doc-Remove-provide-of-spec-definition-for-repoquery-.patch Patch25: 0025-man-Improve-upgrade-minimal-command-docs-RHEL-6417.patch Patch26: 0026-doc-Makecache-with-timer-tries-only-one-mirror.patch +Patch27: 0027-Add-detection-for-ostree-based-systems-and-warn-user.patch +Patch28: 0028-Update-ostree-bootc-host-system-check.patch +Patch29: 0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch BuildArch: noarch BuildRequires: cmake @@ -389,6 +392,10 @@ popd %{python3_sitelib}/%{name}/automatic/ %changelog +* Wed Jul 24 2024 Petr Pisar - 4.14.0-16 +- More specific error message on a locked OSTree system or a bootc system + without a usr-overlay (RHEL-49670) + * Wed Jun 12 2024 Petr Pisar - 4.14.0-15 - Document that "dnf makecache --timer" exits on a first failed mirror (RHEL-1342)