diff --git a/ci/prow/fcos-e2e.sh b/ci/prow/fcos-e2e.sh index c3cecae165..2aaef627f4 100755 --- a/ci/prow/fcos-e2e.sh +++ b/ci/prow/fcos-e2e.sh @@ -9,12 +9,7 @@ ls -al /usr/bin/rpm-ostree rpm-ostree --version cd $(mktemp -d) cosa init https://github.com/coreos/fedora-coreos-config/ -# let's turn on stateoverlays in this test since CoreOS CI already -# covers the off path -echo -e '\nopt-usrlocal: "stateoverlay"\n' >> src/config/manifest.yaml cp /cosa/component-rpms/*.rpm overrides/rpm -# XXX: temporarily import new ostree until it makes it into FCOS -(cd overrides/rpm && curl -L --remote-name-all https://kojipkgs.fedoraproject.org//packages/ostree/2024.2/1.fc39/x86_64/ostree-{,libs-}2024.2-1.fc39.x86_64.rpm) cosa fetch cosa build cosa kola run 'ext.rpm-ostree.*' diff --git a/rust/src/passwd.rs b/rust/src/passwd.rs index 79ee488f80..821497d82d 100644 --- a/rust/src/passwd.rs +++ b/rust/src/passwd.rs @@ -106,9 +106,6 @@ pub fn passwd_cleanup(rootfs_dfd: i32) -> Result<()> { /// in /usr/etc at this point), and splitting it into two streams: a new /// /etc/passwd that just contains the root entry, and /usr/lib/passwd which /// contains everything else. -/// -/// Note: the presence of /usr/lib/passwd is used in postprocess_final() to make -/// it idempotent. See related comment there. #[context("Migrating 'passwd' to /usr/lib")] pub fn migrate_passwd_except_root(rootfs_dfd: i32) -> CxxResult<()> { static ETCSRC_PATH: &str = "usr/etc/passwd"; diff --git a/src/app/rpmostree-compose-builtin-tree.cxx b/src/app/rpmostree-compose-builtin-tree.cxx index 1f2862f893..63648288ed 100644 --- a/src/app/rpmostree-compose-builtin-tree.cxx +++ b/src/app/rpmostree-compose-builtin-tree.cxx @@ -477,46 +477,6 @@ install_packages (RpmOstreeTreeComposeContext *self, gboolean *out_unmodified, std::string (previous_ref), opt_unified_core), error); - /* Assembly will regen the rpm-ostree-autovar.conf tmpfiles.d dropin; let's - * make sure to add our own static dropins before that so that they're taken - * into account when looking for dupes. */ - g_print ("Adding rpm-ostree-0-integration.conf\n"); - - /* This is useful if we're running in an uninstalled configuration, e.g. - * during tests. */ - const char *pkglibdir_path = g_getenv ("RPMOSTREE_UNINSTALLED_PKGLIBDIR") ?: PKGLIBDIR; - glnx_autofd int pkglibdir_dfd = -1; - if (!glnx_opendirat (AT_FDCWD, pkglibdir_path, TRUE, &pkglibdir_dfd, error)) - return FALSE; - - if (!glnx_shutil_mkdir_p_at (rootfs_dfd, "usr/lib/tmpfiles.d", 0755, cancellable, error)) - return FALSE; - - if (!glnx_file_copy_at (pkglibdir_dfd, "rpm-ostree-0-integration.conf", NULL, rootfs_dfd, - "usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf", - GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ - cancellable, error)) - return FALSE; - - if ((*self->treefile_rs)->get_opt_usrlocal () == rpmostreecxx::OptUsrLocal::StateOverlay) - { - if (!glnx_file_copy_at ( - pkglibdir_dfd, "rpm-ostree-0-integration-opt-usrlocal-compat.conf", NULL, rootfs_dfd, - "usr/lib/tmpfiles.d/rpm-ostree-0-integration-opt-usrlocal-compat.conf", - GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ - cancellable, error)) - return FALSE; - } - else - { - if (!glnx_file_copy_at (pkglibdir_dfd, "rpm-ostree-0-integration-opt-usrlocal.conf", NULL, - rootfs_dfd, - "usr/lib/tmpfiles.d/rpm-ostree-0-integration-opt-usrlocal.conf", - GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ - cancellable, error)) - return FALSE; - } - if (opt_unified_core) { if (!rpmostree_context_import (self->corectx, cancellable, error)) diff --git a/src/libpriv/rpmostree-postprocess.cxx b/src/libpriv/rpmostree-postprocess.cxx index 9b5cdec7be..311de70f0c 100644 --- a/src/libpriv/rpmostree-postprocess.cxx +++ b/src/libpriv/rpmostree-postprocess.cxx @@ -368,12 +368,13 @@ postprocess_final (int rootfs_dfd, rpmostreecxx::Treefile &treefile, gboolean un { GLNX_AUTO_PREFIX_ERROR ("Finalizing rootfs", error); - /* Use the presence of /usr/lib/passwd as an "idempotence" marker to + /* Use installation of the tmpfiles integration as an "idempotence" marker to * avoid doing postprocessing twice, which can happen when mixing `compose * postprocess-root` with `compose commit`. */ - const char usr_lib_passwd[] = "usr/lib/password"; - if (!glnx_fstatat_allow_noent (rootfs_dfd, usr_lib_passwd, NULL, AT_SYMLINK_NOFOLLOW, error)) + const char tmpfiles_integration_path[] = "usr/lib/tmpfiles.d/rpm-ostree-0-integration.conf"; + if (!glnx_fstatat_allow_noent (rootfs_dfd, tmpfiles_integration_path, NULL, AT_SYMLINK_NOFOLLOW, + error)) return FALSE; if (errno == 0) return TRUE; @@ -446,6 +447,43 @@ postprocess_final (int rootfs_dfd, rpmostreecxx::Treefile &treefile, gboolean un if (!rpmostree_rootfs_postprocess_common (rootfs_dfd, cancellable, error)) return FALSE; + g_print ("Adding rpm-ostree-0-integration.conf\n"); + /* This is useful if we're running in an uninstalled configuration, e.g. + * during tests. */ + const char *pkglibdir_path = g_getenv ("RPMOSTREE_UNINSTALLED_PKGLIBDIR") ?: PKGLIBDIR; + glnx_autofd int pkglibdir_dfd = -1; + + if (!glnx_opendirat (AT_FDCWD, pkglibdir_path, TRUE, &pkglibdir_dfd, error)) + return FALSE; + + if (!glnx_shutil_mkdir_p_at (rootfs_dfd, "usr/lib/tmpfiles.d", 0755, cancellable, error)) + return FALSE; + + if (!glnx_file_copy_at (pkglibdir_dfd, "rpm-ostree-0-integration.conf", NULL, rootfs_dfd, + tmpfiles_integration_path, + GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ + cancellable, error)) + return FALSE; + + if (treefile.get_opt_usrlocal () == rpmostreecxx::OptUsrLocal::StateOverlay) + { + if (!glnx_file_copy_at ( + pkglibdir_dfd, "rpm-ostree-0-integration-opt-usrlocal-compat.conf", NULL, rootfs_dfd, + "usr/lib/tmpfiles.d/rpm-ostree-0-integration-opt-usrlocal-compat.conf", + GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ + cancellable, error)) + return FALSE; + } + else + { + if (!glnx_file_copy_at (pkglibdir_dfd, "rpm-ostree-0-integration-opt-usrlocal.conf", NULL, + rootfs_dfd, + "usr/lib/tmpfiles.d/rpm-ostree-0-integration-opt-usrlocal.conf", + GLNX_FILE_COPY_NOXATTRS, /* Don't take selinux label */ + cancellable, error)) + return FALSE; + } + /* Handle kernel/initramfs if we're not doing a container */ if (!container) { diff --git a/tests/kolainst/destructive/state-overlays b/tests/kolainst/destructive/state-overlays index be06d2981b..1787a2b25d 100755 --- a/tests/kolainst/destructive/state-overlays +++ b/tests/kolainst/destructive/state-overlays @@ -1,8 +1,13 @@ #!/bin/bash + ## kola: ## tags: "needs-internet" -set -xeuo pipefail +set -euo pipefail + +# NOTE: This is disabled until https://github.com/coreos/rpm-ostree/issues/4879 +# is re-enabled. +exit 0 . ${KOLA_EXT_DATA}/libtest.sh @@ -31,7 +36,7 @@ case "${AUTOPKGTEST_REBOOT_MARK:-}" in rpm-ostree override replace https://bodhi.fedoraproject.org/updates/FEDORA-2024-6c7480dd2f fi - # FCOS doesn't enable opt-usrlocal = stateoverlay yet. It's on in Prow CI though. + # FCOS doesn't enable opt-usrlocal = stateoverlay. It's on in Prow CI though. # Just check the treefile so we do the right thing regardless of CoreOS CI # or Prow. if test "$(jq -r '.["opt-usrlocal"]' /usr/share/rpm-ostree/treefile.json)" = null; then @@ -40,14 +45,14 @@ case "${AUTOPKGTEST_REBOOT_MARK:-}" in [Service] Environment=RPMOSTREE_EXPERIMENTAL_FORCE_OPT_USRLOCAL_OVERLAY=1 EOF + fi - # This script itself is in /usr/local, so we need to move it back on top - # of the overlay if we used the hack. This simultaneously demos one way - # upgrading nodes could retain content if we turn on opt-usrlocal-overlays - # in FCOS. - cat > /etc/systemd/system/move-usr-local.service < /etc/systemd/system/move-usr-local.service <