More specific error message on a locked OSTree system or a bootc system without a usr-overlay
Resolves: RHEL-49671
This commit is contained in:
parent
37093e6131
commit
6935c8626a
@ -0,0 +1,98 @@
|
|||||||
|
From b00c7171f58dbbda3df4bf5f2e65cbc7eff37a5b Mon Sep 17 00:00:00 2001
|
||||||
|
From: David Cantrell <dcantrell@redhat.com>
|
||||||
|
Date: Thu, 15 Feb 2024 14:03:32 -0500
|
||||||
|
Subject: [PATCH] Add detection for ostree-based systems and warn users about
|
||||||
|
losing changes
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Upstream commit: 5c050ba2324c5fb95bf0e0501c7925f38f6a09dc
|
||||||
|
|
||||||
|
On ostree-based systems, users can use dnf to customize the
|
||||||
|
environment but those changes will be lost at the next ostree-based
|
||||||
|
image update. If you want to retain changes between ostree-updates
|
||||||
|
you need to make use of rpm-ostree right now.
|
||||||
|
|
||||||
|
Signed-off-by: David Cantrell <dcantrell@redhat.com>
|
||||||
|
Resolves: https://issues.redhat.com/browse/RHEL-49671
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
dnf/cli/cli.py | 9 +++++++++
|
||||||
|
dnf/util.py | 31 +++++++++++++++++++++++++++++++
|
||||||
|
2 files changed, 40 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
|
||||||
|
index 1824bd00e..c14f83639 100644
|
||||||
|
--- a/dnf/cli/cli.py
|
||||||
|
+++ b/dnf/cli/cli.py
|
||||||
|
@@ -214,6 +214,15 @@ class BaseCli(dnf.Base):
|
||||||
|
elif 'test' in self.conf.tsflags:
|
||||||
|
logger.info(_("{prog} will only download packages, install gpg keys, and check the "
|
||||||
|
"transaction.").format(prog=dnf.util.MAIN_PROG_UPPER))
|
||||||
|
+ if dnf.util.is_container():
|
||||||
|
+ _container_msg = _("""
|
||||||
|
+*** This system is managed with ostree. Changes to the system
|
||||||
|
+*** made with dnf will be lost with the next ostree-based update.
|
||||||
|
+*** If you do not want to lose these changes, use 'rpm-ostree'.
|
||||||
|
+""")
|
||||||
|
+ logger.info(_container_msg)
|
||||||
|
+ raise CliError(_("Operation aborted."))
|
||||||
|
+
|
||||||
|
if self._promptWanted():
|
||||||
|
if self.conf.assumeno or not self.output.userconfirm():
|
||||||
|
raise CliError(_("Operation aborted."))
|
||||||
|
diff --git a/dnf/util.py b/dnf/util.py
|
||||||
|
index 6cd7ad41f..1b465bda5 100644
|
||||||
|
--- a/dnf/util.py
|
||||||
|
+++ b/dnf/util.py
|
||||||
|
@@ -33,11 +33,13 @@ import errno
|
||||||
|
import functools
|
||||||
|
import hawkey
|
||||||
|
import itertools
|
||||||
|
+import json
|
||||||
|
import locale
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
|
import pwd
|
||||||
|
import shutil
|
||||||
|
+import subprocess
|
||||||
|
import sys
|
||||||
|
import tempfile
|
||||||
|
import time
|
||||||
|
@@ -639,3 +641,32 @@ def _is_file_pattern_present(specs):
|
||||||
|
if subj._filename_pattern:
|
||||||
|
return True
|
||||||
|
return False
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def is_container():
|
||||||
|
+ """Returns true is the system is managed as an immutable container,
|
||||||
|
+ false otherwise. If msg is True, a warning message is displayed
|
||||||
|
+ for the user.
|
||||||
|
+ """
|
||||||
|
+
|
||||||
|
+ bootc = '/usr/bin/bootc'
|
||||||
|
+ ostree = '/sysroot/ostree'
|
||||||
|
+
|
||||||
|
+ if os.path.isfile(bootc) and os.access(bootc, os.X_OK):
|
||||||
|
+ p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
|
+ (out, err) = p.communicate()
|
||||||
|
+
|
||||||
|
+ if p.returncode == 0:
|
||||||
|
+ # check the output of 'bootc status'
|
||||||
|
+ j = json.loads(out)
|
||||||
|
+
|
||||||
|
+ # XXX: the API from bootc status is evolving
|
||||||
|
+ status = j.get("status", "")
|
||||||
|
+ kind = j.get("kind", "")
|
||||||
|
+
|
||||||
|
+ if kind.lower() == "bootchost" and bool(status.get("isContainer", None)):
|
||||||
|
+ return True
|
||||||
|
+ elif os.path.isdir(ostree):
|
||||||
|
+ return True
|
||||||
|
+
|
||||||
|
+ return False
|
||||||
|
--
|
||||||
|
2.46.2
|
||||||
|
|
106
0007-Update-ostree-bootc-host-system-check.patch
Normal file
106
0007-Update-ostree-bootc-host-system-check.patch
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
From e2dbb97b9e13a73c47dd59827d7f2214bbdde99f Mon Sep 17 00:00:00 2001
|
||||||
|
From: Joseph Marrero <jmarrero@redhat.com>
|
||||||
|
Date: Tue, 16 Jul 2024 15:48:41 -0400
|
||||||
|
Subject: [PATCH] Update ostree/bootc host system check.
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Upstream commit: 6120fe52511775b60b6031d4169988c025610ab5
|
||||||
|
|
||||||
|
This changes the is_container() func for _is_bootc_host()
|
||||||
|
and updates the logic and message. This should detect on
|
||||||
|
all ostree and bootc hosts to date that are not using
|
||||||
|
bootc usroverlay or ostree admin unlock for development
|
||||||
|
purposes.
|
||||||
|
|
||||||
|
Resolves: https://issues.redhat.com/browse/RHEL-49671
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
dnf/cli/cli.py | 11 +++++------
|
||||||
|
dnf/util.py | 33 ++++++++-------------------------
|
||||||
|
2 files changed, 13 insertions(+), 31 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
|
||||||
|
index c14f83639..83b190026 100644
|
||||||
|
--- a/dnf/cli/cli.py
|
||||||
|
+++ b/dnf/cli/cli.py
|
||||||
|
@@ -214,13 +214,12 @@ class BaseCli(dnf.Base):
|
||||||
|
elif 'test' in self.conf.tsflags:
|
||||||
|
logger.info(_("{prog} will only download packages, install gpg keys, and check the "
|
||||||
|
"transaction.").format(prog=dnf.util.MAIN_PROG_UPPER))
|
||||||
|
- if dnf.util.is_container():
|
||||||
|
- _container_msg = _("""
|
||||||
|
-*** This system is managed with ostree. Changes to the system
|
||||||
|
-*** made with dnf will be lost with the next ostree-based update.
|
||||||
|
-*** If you do not want to lose these changes, use 'rpm-ostree'.
|
||||||
|
+ if dnf.util._is_bootc_host():
|
||||||
|
+ _bootc_host_msg = _("""
|
||||||
|
+*** Error: system is configured to be read-only; for more
|
||||||
|
+*** information run `bootc status` or `ostree admin status`.
|
||||||
|
""")
|
||||||
|
- logger.info(_container_msg)
|
||||||
|
+ logger.info(_bootc_host_msg)
|
||||||
|
raise CliError(_("Operation aborted."))
|
||||||
|
|
||||||
|
if self._promptWanted():
|
||||||
|
diff --git a/dnf/util.py b/dnf/util.py
|
||||||
|
index 1b465bda5..1ba2e27ff 100644
|
||||||
|
--- a/dnf/util.py
|
||||||
|
+++ b/dnf/util.py
|
||||||
|
@@ -33,13 +33,11 @@ import errno
|
||||||
|
import functools
|
||||||
|
import hawkey
|
||||||
|
import itertools
|
||||||
|
-import json
|
||||||
|
import locale
|
||||||
|
import logging
|
||||||
|
import os
|
||||||
|
import pwd
|
||||||
|
import shutil
|
||||||
|
-import subprocess
|
||||||
|
import sys
|
||||||
|
import tempfile
|
||||||
|
import time
|
||||||
|
@@ -643,30 +641,15 @@ def _is_file_pattern_present(specs):
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
-def is_container():
|
||||||
|
+def _is_bootc_host():
|
||||||
|
"""Returns true is the system is managed as an immutable container,
|
||||||
|
false otherwise. If msg is True, a warning message is displayed
|
||||||
|
for the user.
|
||||||
|
"""
|
||||||
|
-
|
||||||
|
- bootc = '/usr/bin/bootc'
|
||||||
|
- ostree = '/sysroot/ostree'
|
||||||
|
-
|
||||||
|
- if os.path.isfile(bootc) and os.access(bootc, os.X_OK):
|
||||||
|
- p = subprocess.Popen([bootc, "status", "--json"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
|
- (out, err) = p.communicate()
|
||||||
|
-
|
||||||
|
- if p.returncode == 0:
|
||||||
|
- # check the output of 'bootc status'
|
||||||
|
- j = json.loads(out)
|
||||||
|
-
|
||||||
|
- # XXX: the API from bootc status is evolving
|
||||||
|
- status = j.get("status", "")
|
||||||
|
- kind = j.get("kind", "")
|
||||||
|
-
|
||||||
|
- if kind.lower() == "bootchost" and bool(status.get("isContainer", None)):
|
||||||
|
- return True
|
||||||
|
- elif os.path.isdir(ostree):
|
||||||
|
- return True
|
||||||
|
-
|
||||||
|
- return False
|
||||||
|
+ ostree_booted = '/run/ostree-booted'
|
||||||
|
+ usr = '/usr/'
|
||||||
|
+ # Check if usr is writtable and we are in a running ostree system.
|
||||||
|
+ # We want this code to return true only when the system is in locked state. If someone ran
|
||||||
|
+ # bootc overlay or ostree admin unlock we would want normal DNF path to be ran as it will be
|
||||||
|
+ # temporary changes (until reboot).
|
||||||
|
+ return os.path.isfile(ostree_booted) and not os.access(usr, os.W_OK)
|
||||||
|
--
|
||||||
|
2.46.2
|
||||||
|
|
32
0008-Update-bootc-hosts-message-to-point-to-bootc-help.patch
Normal file
32
0008-Update-bootc-hosts-message-to-point-to-bootc-help.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
From 15aedf5f4e70695e7801c80498d4da52e49ac626 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Joseph Marrero <jmarrero@redhat.com>
|
||||||
|
Date: Mon, 22 Jul 2024 15:33:32 -0400
|
||||||
|
Subject: [PATCH] Update bootc hosts message to point to bootc --help
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Upstream commit: e2535589ce16bc36b96b37369502a3c312f6056a
|
||||||
|
Resolves: https://issues.redhat.com/browse/RHEL-49671
|
||||||
|
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
dnf/cli/cli.py | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
|
||||||
|
index 83b190026..0eda2c8cb 100644
|
||||||
|
--- a/dnf/cli/cli.py
|
||||||
|
+++ b/dnf/cli/cli.py
|
||||||
|
@@ -217,7 +217,7 @@ class BaseCli(dnf.Base):
|
||||||
|
if dnf.util._is_bootc_host():
|
||||||
|
_bootc_host_msg = _("""
|
||||||
|
*** Error: system is configured to be read-only; for more
|
||||||
|
-*** information run `bootc status` or `ostree admin status`.
|
||||||
|
+*** information run `bootc --help`.
|
||||||
|
""")
|
||||||
|
logger.info(_bootc_host_msg)
|
||||||
|
raise CliError(_("Operation aborted."))
|
||||||
|
--
|
||||||
|
2.46.2
|
||||||
|
|
47
0009-Allow-installroot-on-read-only-bootc-system.patch
Normal file
47
0009-Allow-installroot-on-read-only-bootc-system.patch
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
From ff86cee7cf33f44e4b10538ceeee5f284d6735ed Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
|
||||||
|
Date: Thu, 15 Aug 2024 14:04:55 +0200
|
||||||
|
Subject: [PATCH] Allow --installroot on read-only bootc system
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
Upstream commit: a1aa8d0e048751859a2bec1b2fb12fcca93c6e83
|
||||||
|
|
||||||
|
Some people use --installroot on a read-only bootc system to install
|
||||||
|
a system into a chroot subtree. However, current bootc check did not
|
||||||
|
take into account --installroot and rejected the operation.
|
||||||
|
|
||||||
|
This patch augments the check for the installroot being different
|
||||||
|
from /.
|
||||||
|
|
||||||
|
It's pointless to check for installroot writability here because
|
||||||
|
installroot is written before this check when updating the
|
||||||
|
repositories and computing a transaction. Moving this check sooner
|
||||||
|
would not help because some directories (/opt, /) are kept read-only
|
||||||
|
even on writable bootc.
|
||||||
|
|
||||||
|
Resolves: #2108
|
||||||
|
Resolves: https://issues.redhat.com/browse/RHEL-49671
|
||||||
|
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
||||||
|
---
|
||||||
|
dnf/cli/cli.py | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/dnf/cli/cli.py b/dnf/cli/cli.py
|
||||||
|
index 0eda2c8cb..008262ea0 100644
|
||||||
|
--- a/dnf/cli/cli.py
|
||||||
|
+++ b/dnf/cli/cli.py
|
||||||
|
@@ -214,7 +214,8 @@ class BaseCli(dnf.Base):
|
||||||
|
elif 'test' in self.conf.tsflags:
|
||||||
|
logger.info(_("{prog} will only download packages, install gpg keys, and check the "
|
||||||
|
"transaction.").format(prog=dnf.util.MAIN_PROG_UPPER))
|
||||||
|
- if dnf.util._is_bootc_host():
|
||||||
|
+ if dnf.util._is_bootc_host() and \
|
||||||
|
+ os.path.realpath(self.conf.installroot) == "/":
|
||||||
|
_bootc_host_msg = _("""
|
||||||
|
*** Error: system is configured to be read-only; for more
|
||||||
|
*** information run `bootc --help`.
|
||||||
|
--
|
||||||
|
2.46.2
|
||||||
|
|
10
dnf.spec
10
dnf.spec
@ -68,7 +68,7 @@ It supports RPMs, modules and comps groups & environments.
|
|||||||
|
|
||||||
Name: dnf
|
Name: dnf
|
||||||
Version: 4.20.0
|
Version: 4.20.0
|
||||||
Release: 6%{?dist}
|
Release: 7%{?dist}
|
||||||
Summary: %{pkg_summary}
|
Summary: %{pkg_summary}
|
||||||
# For a breakdown of the licensing, see PACKAGE-LICENSING
|
# For a breakdown of the licensing, see PACKAGE-LICENSING
|
||||||
License: GPL-2.0-or-later AND GPL-1.0-only
|
License: GPL-2.0-or-later AND GPL-1.0-only
|
||||||
@ -79,6 +79,10 @@ Patch2: 0002-Limit-queries-to-nevra-forms-when-provided-by-comman.patch
|
|||||||
Patch3: 0003-doc-Remove-provide-of-spec-definition-for-repoquery-.patch
|
Patch3: 0003-doc-Remove-provide-of-spec-definition-for-repoquery-.patch
|
||||||
Patch4: 0004-Drop-collect-file-for-ABRT.patch
|
Patch4: 0004-Drop-collect-file-for-ABRT.patch
|
||||||
Patch5: 0005-tests-Use-PGP-keys-without-SHA-1.patch
|
Patch5: 0005-tests-Use-PGP-keys-without-SHA-1.patch
|
||||||
|
Patch6: 0006-Add-detection-for-ostree-based-systems-and-warn-user.patch
|
||||||
|
Patch7: 0007-Update-ostree-bootc-host-system-check.patch
|
||||||
|
Patch8: 0008-Update-bootc-hosts-message-to-point-to-bootc-help.patch
|
||||||
|
Patch9: 0009-Allow-installroot-on-read-only-bootc-system.patch
|
||||||
BuildArch: noarch
|
BuildArch: noarch
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: gettext
|
BuildRequires: gettext
|
||||||
@ -419,6 +423,10 @@ popd
|
|||||||
%{python3_sitelib}/%{name}/automatic/
|
%{python3_sitelib}/%{name}/automatic/
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Sep 20 2024 Petr Pisar <ppisar@redhat.com> - 4.20.0-7
|
||||||
|
- More specific error message on a locked OSTree system or a bootc system
|
||||||
|
without a usr-overlay (RHEL-49671)
|
||||||
|
|
||||||
* Tue Aug 06 2024 Petr Pisar <ppisar@redhat.com> - 4.20.0-6
|
* Tue Aug 06 2024 Petr Pisar <ppisar@redhat.com> - 4.20.0-6
|
||||||
- Revert more specific error message on a locked OSTree system or a bootc system
|
- Revert more specific error message on a locked OSTree system or a bootc system
|
||||||
without a usr-overlay (RHEL-49671)
|
without a usr-overlay (RHEL-49671)
|
||||||
|
Loading…
Reference in New Issue
Block a user