rpms/rpm-ostree
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport patch to add API devices for running on CentOS 7

Browse Source 
https://github.com/projectatomic/rpm-ostree/issues/727
This commit is contained in:
Colin Walters 2017-04-07 07:56:37 -04:00
parent 9a03814662
commit 794d0df4b7
3 changed files with 217 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
0001-treecompose-Prepare-device-API-mounts.patch Normal file
View File

@ -0,0 +1,100 @@
From 9d294d5a394dfd7d6da37333616ed441dbe7103f Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 6 Apr 2017 17:45:54 -0400
Subject: [PATCH] treecompose: Prepare device API mounts
This gives scripts access to e.g. `/dev/urandom`. Short term
hack until we implement https://github.com/projectatomic/rpm-ostree/issues/729
The reason we don't need to explicitly clean these up before committing is right
now for treecompose we only lift `/usr` from the RPM content, so we don't run
into ostree refusing to commit devices.
Closes: https://github.com/projectatomic/rpm-ostree/issues/727
---
src/app/rpmostree-compose-builtin-tree.c | 50 +++++++++++++++++++++++++++++++-
1 file changed, 49 insertions(+), 1 deletion(-)
diff --git a/src/app/rpmostree-compose-builtin-tree.c b/src/app/rpmostree-compose-builtin-tree.c
index da6ea3b..6cff913 100644
--- a/src/app/rpmostree-compose-builtin-tree.c
+++ b/src/app/rpmostree-compose-builtin-tree.c
@@ -214,11 +214,56 @@ set_keyfile_string_array_from_json (GKeyFile *keyfile,
return ret;
}
+/* Prpare /dev in the target root with the API devices. TODO:
+ * Delete this when we implement https://github.com/projectatomic/rpm-ostree/issues/729
+ */
+static gboolean
+libcontainer_prep_dev (int rootfs_dfd,
+ GError **error)
+{
+
+ glnx_fd_close int src_fd = openat (AT_FDCWD, "/dev", O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY);
+ if (src_fd == -1)
+ return glnx_throw_errno (error);
+
+ if (mkdirat (rootfs_dfd, "dev", 0755) != 0)
+ {
+ if (errno != ENOENT)
+ return glnx_throw_errno (error);
+ }
+
+ glnx_fd_close int dest_fd = openat (rootfs_dfd, "dev", O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY);
+ if (dest_fd == -1)
+ return glnx_throw_errno (error);
+
+ static const char *const devnodes[] = { "null", "zero", "full", "random", "urandom", "tty" };
+ for (guint i = 0; i < G_N_ELEMENTS (devnodes); i++)
+ {
+ const char *nodename = devnodes[i];
+ struct stat stbuf;
+ if (fstatat (src_fd, nodename, &stbuf, 0) == -1)
+ {
+ if (errno == ENOENT)
+ continue;
+ else
+ glnx_throw_errno (error);
+ }
+
+ if (mknodat (dest_fd, nodename, stbuf.st_mode, stbuf.st_rdev) != 0)
+ return glnx_throw_errno (error);
+ if (fchmodat (dest_fd, nodename, stbuf.st_mode, 0) != 0)
+ return glnx_throw_errno (error);
+ }
+
+ return TRUE;
+}
+
static gboolean
install_packages_in_root (RpmOstreeTreeComposeContext *self,
RpmOstreeContext *ctx,
JsonObject *treedata,
GFile *yumroot,
+ int rootfs_dfd,
char **packages,
gboolean *out_unmodified,
char **out_new_inputhash,
@@ -406,6 +451,9 @@ install_packages_in_root (RpmOstreeTreeComposeContext *self,
glnx_console_lock (&console);
+ if (!libcontainer_prep_dev (rootfs_dfd, error))
+ goto out;
+
if (!dnf_transaction_commit (dnf_context_get_transaction (hifctx),
dnf_context_get_goal (hifctx),
hifstate,
@@ -915,7 +963,7 @@ rpmostree_compose_builtin_tree (int argc,
{ gboolean unmodified = FALSE;
- if (!install_packages_in_root (self, corectx, treefile, yumroot,
+ if (!install_packages_in_root (self, corectx, treefile, yumroot, rootfs_fd,
(char**)packages->pdata,
opt_force_nocache ? NULL : &unmodified,
&new_inputhash,
--
2.9.3

116
2017.3-maint.patch
View File

@ -1,7 +1,7 @@
From cea2812fc01f8e37a6cdee3abcff511f2554703a Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Mon, 6 Mar 2017 14:17:06 -0500
Subject: [PATCH 1/4] Allow and start using C99 declaration-after-statement
Subject: [PATCH 1/5] Allow and start using C99 declaration-after-statement
The equivalent of https://github.com/ostreedev/ostree/pull/718
but for this codebase.
@ -87,7 +87,7 @@ index b0aaec7..0f994e9 100644
From 94e386fc86e4208dda03090f543f3e0f415d32e4 Mon Sep 17 00:00:00 2001
From: Jonathan Lebon <jlebon@redhat.com>
Date: Thu, 9 Mar 2017 16:39:03 -0500
Subject: [PATCH 2/4] status: always include the packages entries
Subject: [PATCH 2/5] status: always include the packages entries
Pull #646 introduced a subtle regression: we went from always including
a "packages" entry to only including it if there are packages present.
@ -156,7 +156,7 @@ index 79e9562..ce10201 100755
From 8df6672500c3404847b0e42e94dba076af4f5eb6 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 10 Mar 2017 09:48:03 -0500
Subject: [PATCH 3/4] bwrap: Don't use --unshare-net in nspawn by default
Subject: [PATCH 3/5] bwrap: Don't use --unshare-net in nspawn by default
This will fix rpm-ostree-in-mock-in-koji. The drawback is minor: post scripts
will have network access. But we're going to be testing the no-network case in
@ -235,7 +235,7 @@ index 9d40059..5258439 100644
From 530d009df3afe4d769f065a2d5007e683bf81250 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 16 Mar 2017 11:29:21 -0400
Subject: [PATCH 4/4] postprocess: Handle f26 /etc/nsswitch.conf configuration
Subject: [PATCH 4/5] postprocess: Handle f26 /etc/nsswitch.conf configuration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
@ -510,3 +510,111 @@ index 0000000..135be94
--
2.9.3
From 489b098787495cbb01c9c3243b6233b5ea04ecbc Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 6 Apr 2017 17:45:54 -0400
Subject: [PATCH 5/5] treecompose: Prepare device API mounts
This gives scripts access to e.g. `/dev/urandom`. Short term
hack until we implement https://github.com/projectatomic/rpm-ostree/issues/729
The reason we don't need to explicitly clean these up before committing is right
now for treecompose we only lift `/usr` from the RPM content, so we don't run
into ostree refusing to commit devices.
Closes: https://github.com/projectatomic/rpm-ostree/issues/727
---
src/app/rpmostree-compose-builtin-tree.c | 57 +++++++++++++++++++++++++++++++-
1 file changed, 56 insertions(+), 1 deletion(-)
diff --git a/src/app/rpmostree-compose-builtin-tree.c b/src/app/rpmostree-compose-builtin-tree.c
index 5b96349..7efe6d8 100644
--- a/src/app/rpmostree-compose-builtin-tree.c
+++ b/src/app/rpmostree-compose-builtin-tree.c
@@ -212,11 +212,63 @@ set_keyfile_string_array_from_json (GKeyFile *keyfile,
return ret;
}
+static inline gboolean
+glnx_throw_errno (GError **error)
+{
+ glnx_set_error_from_errno (error);
+ return FALSE;
+}
+
+/* Prpare /dev in the target root with the API devices. TODO:
+ * Delete this when we implement https://github.com/projectatomic/rpm-ostree/issues/729
+ */
+static gboolean
+libcontainer_prep_dev (int rootfs_dfd,
+ GError **error)
+{
+
+ glnx_fd_close int src_fd = openat (AT_FDCWD, "/dev", O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY);
+ if (src_fd == -1)
+ return glnx_throw_errno (error);
+
+ if (mkdirat (rootfs_dfd, "dev", 0755) != 0)
+ {
+ if (errno != ENOENT)
+ return glnx_throw_errno (error);
+ }
+
+ glnx_fd_close int dest_fd = openat (rootfs_dfd, "dev", O_RDONLY | O_NONBLOCK | O_DIRECTORY | O_CLOEXEC | O_NOCTTY);
+ if (dest_fd == -1)
+ return glnx_throw_errno (error);
+
+ static const char *const devnodes[] = { "null", "zero", "full", "random", "urandom", "tty" };
+ for (guint i = 0; i < G_N_ELEMENTS (devnodes); i++)
+ {
+ const char *nodename = devnodes[i];
+ struct stat stbuf;
+ if (fstatat (src_fd, nodename, &stbuf, 0) == -1)
+ {
+ if (errno == ENOENT)
+ continue;
+ else
+ return glnx_throw_errno (error);
+ }
+
+ if (mknodat (dest_fd, nodename, stbuf.st_mode, stbuf.st_rdev) != 0)
+ return glnx_throw_errno (error);
+ if (fchmodat (dest_fd, nodename, stbuf.st_mode, 0) != 0)
+ return glnx_throw_errno (error);
+ }
+
+ return TRUE;
+}
+
static gboolean
install_packages_in_root (RpmOstreeTreeComposeContext *self,
RpmOstreeContext *ctx,
JsonObject *treedata,
GFile *yumroot,
+ int rootfs_dfd,
char **packages,
gboolean *out_unmodified,
char **out_new_inputhash,
@@ -401,6 +453,9 @@ install_packages_in_root (RpmOstreeTreeComposeContext *self,
glnx_console_lock (&console);
+ if (!libcontainer_prep_dev (rootfs_dfd, error))
+ goto out;
+
if (!dnf_transaction_commit (dnf_context_get_transaction (hifctx),
dnf_context_get_goal (hifctx),
hifstate,
@@ -886,7 +941,7 @@ rpmostree_compose_builtin_tree (int argc,
{ gboolean unmodified = FALSE;
- if (!install_packages_in_root (self, corectx, treefile, yumroot,
+ if (!install_packages_in_root (self, corectx, treefile, yumroot, rootfs_fd,
(char**)packages->pdata,
opt_force_nocache ? NULL : &unmodified,
&new_inputhash,
--
2.9.3

6
rpm-ostree.spec
View File

@ -1,7 +1,7 @@
Summary: Hybrid image/package system
Name: rpm-ostree
Version: 2017.3
Release: 3%{?dist}
Release: 4%{?dist}
#VCS: https://github.com/cgwalters/rpm-ostree
# This tarball is generated via "make -f Makefile.dist-packaging dist-snapshot"
Source0: rpm-ostree-%{version}.tar.xz
@ -134,6 +134,10 @@ python autofiles.py > files.devel \
%files devel -f files.devel
%changelog
* Fri Apr 07 2017 Colin Walters <walters@verbum.org> - 2017.3-4
- Backport patch to add API devices for running on CentOS 7
https://github.com/projectatomic/rpm-ostree/issues/727
* Thu Mar 16 2017 Colin Walters <walters@verbum.org> - 2017.3-3
- Add patch to fix f26 altfiles