Merge bootc branch to master
#2180
Conversation
Support automatic builds on git commits. Used to generate up to date RPMs of dnf for testing and development purposes.
Text alignment and formatting in the spec file.
Adds support for the --transient option on all transactions. Passing --transient on a bootc system will call `bootc usr-overlay` to create a transient writeable /usr and continue the transaction. Specifying --transient on a non-bootc system will throw an error; we don't want to mislead users to thinking this feature works on non-bootc systems. If --transient is not specified and the bootc system is in a locked state, the operation will be aborted and a message will be printed suggesting to try again with --transient.
|
#2186 should be merged first. |
The --transient flag only works on a bootc system, but we should test that it throws the correct error and doesn't do anything unexpected on non-bootc systems. Requires rpm-software-management/dnf#2180 and rpm-software-management/libdnf#1683.
The --transient flag only works on a bootc system, but we should test that it throws the correct error and doesn't do anything unexpected on non-bootc systems. Requires rpm-software-management/dnf#2180 and rpm-software-management/libdnf#1683.
Documents the new `--transient` command-line argument and `persistence` configuration option. I tried to use a table for listing the valid options for `persistence`, but RST does not automatically wrap table cells containing long lines, so a list was much easier.
Using libostree gives us more detail about the current state of the deployment than only checking whether /usr is writable.
To keep /usr read-only after DNF is finished with a transient transaction, we call `ostree admin unlock --transient` to mount the /usr overlay as read-only by default. Then, we create a private mount namespace for DNF and its child processes and remount the /usr overlayfs as read/write in the private mountns. os.unshare is unfortunately only available in Python >= 3.12, so we have to call libc.unshare via Python ctypes here and hardcode the CLONE_NEWNS flag that we need to pass.
|
For testing this, you'll need to do the following broad steps:
EDIT: DO NOT USE
podman-bootc is the recommended way to do all this, but from my experience it can be a little unreliable. I personally use these scripts based on bootc-image-builder and virt-install. |
dnf-bootc's only job is to Require python3-gobject-base and ostree-libs, which are needed to check the unlock status on bootc systems. We don't want to add these dependencies on `python3-dnf` because we don't want them on non-bootc systems, so we use a subpackage.
|
I was unable to test it in RHEL 9.6 bootc image as dbus fails to start for me there. I will try testing it within Fedora 40 bootc image. |
Today I noticed that my VMs based on |
|
I do update all packages. I found the cause why dbus fails to start: /etc/dbus-1/system.d has a wrong selinux label inside the image. It is etc_t, while it should be dbusd_etc_t. As far as I know ostree does not directly support extended attributes, hence the bootc tooling manages them in a separate database. Obviously the database went mad. |
|
Since today I also get a failure in mounting the root file system. Not updating all packages indeed works it around. |
|
I tried applying the commits to F40 package and have a problem getting the code working. Installing or uninstalling any package in nonbootc system raises this exception: The same happens when I run DNF from the bootc branch directly. Maybe I did something wrong. I'd like to know whether you are going to squash some commits and especially to rebase this bootc branch to the current master? Because the commits are, from an archeological point of view, one big mess. |
That's because this pull request requires libdnf change rpm-software-management/libdnf#1683. |
To prevent this we should require a minimal version of libdnf from python3-dnf package. It's not so important for upstream spec files, but handy for dnf.spec in the distributions. |
Sure, I rebased onto master and reordered/squashed some commits just now on my evan-goode/bootc branch. I think I'll have to create a new PR unless I want to rewrite history on the bootc branch, GitHub does not give me the option to change the source branch here.
Done on https://github.com/evan-goode/dnf/tree/evan-goode/bootc. Bumping libdnf version to 0.74.0 in rpm-software-management/libdnf#1692. |
|
Closing in favor of #2203, I'm more comfortable rewriting history on my own branch than the |
The --transient flag only works on a bootc system, but we should test that it throws the correct error and doesn't do anything unexpected on non-bootc systems. Requires rpm-software-management/dnf#2180 and rpm-software-management/libdnf#1683.
This PR, along with rpm-software-management/libdnf#1683, merges support for the
--transientflag and thepersistence=auto|persist|transientconfiguration option for https://issues.redhat.com/browse/RHEL-70917. See also #2155.Also included are some build files for Copr that may be useful for future feature branches similar to
bootc.Merging this PR doesn't mean that work on the
--transientfeature is 100% done, just that we're confident enough we're not going to totally scrap it and we want to continue its development on themasterbranch.