More specific error message on a locked OSTree system or a bootc system without a usr-overlay

Resolves: RHEL-49670
This commit is contained in:
Petr Písař 2024-07-24 13:11:34 +02:00
parent 76b2933dee
commit 140d6fbac9
4 changed files with 247 additions and 1 deletions

View File

@ -0,0 +1,99 @@
From d100c8d717cb6fbd6ba9e16028a56b140275bc8b Mon Sep 17 00:00:00 2001
From: David Cantrell <dcantrell@redhat.com>
Date: Thu, 15 Feb 2024 14:03:32 -0500
Subject: [PATCH 1/3] Add detection for ostree-based systems and warn users
about losing changes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upstream commit: 5c050ba2324c5fb95bf0e0501c7925f38f6a09dc
On ostree-based systems, users can use dnf to customize the
environment but those changes will be lost at the next ostree-based
image update. If you want to retain changes between ostree-updates
you need to make use of rpm-ostree right now.
Signed-off-by: David Cantrell <dcantrell@redhat.com>
Resolves: https://issues.redhat.com/browse/RHEL-49670
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
dnf/cli/cli.py | 9 +++++++++
dnf/util.py | 31 +++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+)
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
index 0c4f4c6ad..1fd0e96c3 100644
--- a/dnf/cli/cli.py
+++ b/dnf/cli/cli.py
@@ -214,6 +214,15 @@ class BaseCli(dnf.Base):
elif 'test' in self.conf.tsflags:
logger.info(_("{prog} will only download packages, install gpg keys, and check the "
"transaction.").format(prog=dnf.util.MAIN_PROG_UPPER))
+ if dnf.util.is_container():
+ _container_msg = _("""
+*** This system is managed with ostree. Changes to the system
+*** made with dnf will be lost with the next ostree-based update.
+*** If you do not want to lose these changes, use 'rpm-ostree'.
+""")
+ logger.info(_container_msg)
+ raise CliError(_("Operation aborted."))
+
if self._promptWanted():
if self.conf.assumeno or not self.output.userconfirm():
raise CliError(_("Operation aborted."))
diff --git a/dnf/util.py b/dnf/util.py
index 16c5bc89c..9909f8fea 100644
--- a/dnf/util.py
+++ b/dnf/util.py
@@ -33,11 +33,13 @@ import errno
import functools
import hawkey
import itertools
+import json
import locale
import logging
import os
import pwd
import shutil
+import subprocess
import sys
import tempfile
import time
@@ -631,3 +633,32 @@ def _post_transaction_output(base, transaction, action_callback):
def _name_unset_wrapper(input_name):
# returns <name-unset> for everything that evaluates to False (None, empty..)
return input_name if input_name else _("<name-unset>")
+
+
+def is_container():
+ """Returns true is the system is managed as an immutable container,
+ false otherwise. If msg is True, a warning message is displayed
+ for the user.
+ """
+
+ bootc = '/usr/bin/bootc'
+ ostree = '/sysroot/ostree'
+
+ if os.path.isfile(bootc) and os.access(bootc, os.X_OK):
+ p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+ (out, err) = p.communicate()
+
+ if p.returncode == 0:
+ # check the output of 'bootc status'
+ j = json.loads(out)
+
+ # XXX: the API from bootc status is evolving
+ status = j.get("status", "")
+ kind = j.get("kind", "")
+
+ if kind.lower() == "bootchost" and bool(status.get("isContainer", None)):
+ return True
+ elif os.path.isdir(ostree):
+ return True
+
+ return False
\ No newline at end of file
--
2.45.2

View File

@ -0,0 +1,108 @@
From 734aab779bfd6c1792dd17528b30215a715fa898 Mon Sep 17 00:00:00 2001
From: Joseph Marrero <jmarrero@redhat.com>
Date: Tue, 16 Jul 2024 15:48:41 -0400
Subject: [PATCH 2/3] Update ostree/bootc host system check.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upstream commit: 6120fe52511775b60b6031d4169988c025610ab5
This changes the is_container() func for _is_bootc_host()
and updates the logic and message. This should detect on
all ostree and bootc hosts to date that are not using
bootc usroverlay or ostree admin unlock for development
purposes.
Resolves: https://issues.redhat.com/browse/RHEL-49670
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
dnf/cli/cli.py | 11 +++++------
dnf/util.py | 33 ++++++++-------------------------
2 files changed, 13 insertions(+), 31 deletions(-)
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
index 1fd0e96c3..8521dd351 100644
--- a/dnf/cli/cli.py
+++ b/dnf/cli/cli.py
@@ -214,13 +214,12 @@ class BaseCli(dnf.Base):
elif 'test' in self.conf.tsflags:
logger.info(_("{prog} will only download packages, install gpg keys, and check the "
"transaction.").format(prog=dnf.util.MAIN_PROG_UPPER))
- if dnf.util.is_container():
- _container_msg = _("""
-*** This system is managed with ostree. Changes to the system
-*** made with dnf will be lost with the next ostree-based update.
-*** If you do not want to lose these changes, use 'rpm-ostree'.
+ if dnf.util._is_bootc_host():
+ _bootc_host_msg = _("""
+*** Error: system is configured to be read-only; for more
+*** information run `bootc status` or `ostree admin status`.
""")
- logger.info(_container_msg)
+ logger.info(_bootc_host_msg)
raise CliError(_("Operation aborted."))
if self._promptWanted():
diff --git a/dnf/util.py b/dnf/util.py
index 9909f8fea..e68dd5733 100644
--- a/dnf/util.py
+++ b/dnf/util.py
@@ -33,13 +33,11 @@ import errno
import functools
import hawkey
import itertools
-import json
import locale
import logging
import os
import pwd
import shutil
-import subprocess
import sys
import tempfile
import time
@@ -635,30 +633,15 @@ def _name_unset_wrapper(input_name):
return input_name if input_name else _("<name-unset>")
-def is_container():
+def _is_bootc_host():
"""Returns true is the system is managed as an immutable container,
false otherwise. If msg is True, a warning message is displayed
for the user.
"""
-
- bootc = '/usr/bin/bootc'
- ostree = '/sysroot/ostree'
-
- if os.path.isfile(bootc) and os.access(bootc, os.X_OK):
- p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
- (out, err) = p.communicate()
-
- if p.returncode == 0:
- # check the output of 'bootc status'
- j = json.loads(out)
-
- # XXX: the API from bootc status is evolving
- status = j.get("status", "")
- kind = j.get("kind", "")
-
- if kind.lower() == "bootchost" and bool(status.get("isContainer", None)):
- return True
- elif os.path.isdir(ostree):
- return True
-
- return False
\ No newline at end of file
+ ostree_booted = '/run/ostree-booted'
+ usr = '/usr/'
+ # Check if usr is writtable and we are in a running ostree system.
+ # We want this code to return true only when the system is in locked state. If someone ran
+ # bootc overlay or ostree admin unlock we would want normal DNF path to be ran as it will be
+ # temporary changes (until reboot).
+ return os.path.isfile(ostree_booted) and not os.access(usr, os.W_OK)
\ No newline at end of file
--
2.45.2

View File

@ -0,0 +1,32 @@
From 6461b97ef7c2f51fcd1377442cc4b3ce30675c61 Mon Sep 17 00:00:00 2001
From: Joseph Marrero <jmarrero@redhat.com>
Date: Mon, 22 Jul 2024 15:33:32 -0400
Subject: [PATCH 3/3] Update bootc hosts message to point to bootc --help
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Upstream commit: e2535589ce16bc36b96b37369502a3c312f6056a
Resolves: https://issues.redhat.com/browse/RHEL-49670
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
dnf/cli/cli.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
index 8521dd351..99af9069b 100644
--- a/dnf/cli/cli.py
+++ b/dnf/cli/cli.py
@@ -217,7 +217,7 @@ class BaseCli(dnf.Base):
if dnf.util._is_bootc_host():
_bootc_host_msg = _("""
*** Error: system is configured to be read-only; for more
-*** information run `bootc status` or `ostree admin status`.
+*** information run `bootc --help`.
""")
logger.info(_bootc_host_msg)
raise CliError(_("Operation aborted."))
--
2.45.2

View File

@ -69,7 +69,7 @@ It supports RPMs, modules and comps groups & environments.
Name: dnf Name: dnf
Version: 4.14.0 Version: 4.14.0
Release: 15%{?dist} Release: 16%{?dist}
Summary: %{pkg_summary} Summary: %{pkg_summary}
# For a breakdown of the licensing, see PACKAGE-LICENSING # For a breakdown of the licensing, see PACKAGE-LICENSING
License: GPLv2+ License: GPLv2+
@ -101,6 +101,9 @@ Patch23: 0023-Limit-queries-to-nevra-forms-when-provided-by-comman.patch
Patch24: 0024-doc-Remove-provide-of-spec-definition-for-repoquery-.patch Patch24: 0024-doc-Remove-provide-of-spec-definition-for-repoquery-.patch
Patch25: 0025-man-Improve-upgrade-minimal-command-docs-RHEL-6417.patch Patch25: 0025-man-Improve-upgrade-minimal-command-docs-RHEL-6417.patch
Patch26: 0026-doc-Makecache-with-timer-tries-only-one-mirror.patch Patch26: 0026-doc-Makecache-with-timer-tries-only-one-mirror.patch
Patch27: 0027-Add-detection-for-ostree-based-systems-and-warn-user.patch
Patch28: 0028-Update-ostree-bootc-host-system-check.patch
Patch29: 0029-Update-bootc-hosts-message-to-point-to-bootc-help.patch
BuildArch: noarch BuildArch: noarch
BuildRequires: cmake BuildRequires: cmake
@ -389,6 +392,10 @@ popd
%{python3_sitelib}/%{name}/automatic/ %{python3_sitelib}/%{name}/automatic/
%changelog %changelog
* Wed Jul 24 2024 Petr Pisar <ppisar@redhat.com> - 4.14.0-16
- More specific error message on a locked OSTree system or a bootc system
without a usr-overlay (RHEL-49670)
* Wed Jun 12 2024 Petr Pisar <ppisar@redhat.com> - 4.14.0-15 * Wed Jun 12 2024 Petr Pisar <ppisar@redhat.com> - 4.14.0-15
- Document that "dnf makecache --timer" exits on a first failed mirror - Document that "dnf makecache --timer" exits on a first failed mirror
(RHEL-1342) (RHEL-1342)