gboolean ot_admin_builtin_os_init (int argc, char **argv, GCancellable *cancellable, GError **error) { g_autoptr(GOptionContext) context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; gboolean ret = FALSE; const char *osname = NULL; context = g_option_context_new ("OSNAME - Initialize empty state for given operating system"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_ensure_initialized (sysroot, cancellable, error)) goto out; if (argc < 2) { ot_util_usage_error (context, "OSNAME must be specified", error); goto out; } osname = argv[1]; if (!ostree_sysroot_init_osname (sysroot, osname, cancellable, error)) goto out; g_print ("ostree/deploy/%s initialized as OSTree root\n", osname); ret = TRUE; out: return ret; }
gboolean ot_admin_builtin_cleanup (int argc, char **argv, GCancellable *cancellable, GError **error) { GOptionContext *context; glnx_unref_object OstreeSysroot *sysroot = NULL; gboolean ret = FALSE; context = g_option_context_new ("Delete untagged deployments and repository objects"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; if (!ostree_sysroot_cleanup (sysroot, cancellable, error)) goto out; ret = TRUE; out: if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_unlock (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; g_autoptr(GOptionContext) context = NULL; g_autoptr(OstreeSysroot) sysroot = NULL; OstreeDeployment *booted_deployment = NULL; OstreeDeploymentUnlockedState target_state; context = g_option_context_new (""); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, invocation, &sysroot, cancellable, error)) goto out; if (argc > 1) { ot_util_usage_error (context, "This command takes no extra arguments", error); goto out; } booted_deployment = ostree_sysroot_get_booted_deployment (sysroot); if (!booted_deployment) { g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Not currently booted into an OSTree system"); goto out; } target_state = opt_hotfix ? OSTREE_DEPLOYMENT_UNLOCKED_HOTFIX : OSTREE_DEPLOYMENT_UNLOCKED_DEVELOPMENT; if (!ostree_sysroot_deployment_unlock (sysroot, booted_deployment, target_state, cancellable, error)) goto out; switch (target_state) { case OSTREE_DEPLOYMENT_UNLOCKED_NONE: g_assert_not_reached (); break; case OSTREE_DEPLOYMENT_UNLOCKED_HOTFIX: g_print ("Hotfix mode enabled. A writable overlayfs is now mounted on /usr\n" "for this booted deployment. A non-hotfixed clone has been created\n" "as the non-default rollback target.\n"); break; case OSTREE_DEPLOYMENT_UNLOCKED_DEVELOPMENT: g_print ("Development mode enabled. A writable overlayfs is now mounted on /usr.\n" "All changes there will be discarded on reboot.\n"); break; } ret = TRUE; out: return ret; }
gboolean ot_admin_instutil_builtin_grub2_generate (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; guint bootversion; g_autoptr(GOptionContext) context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; context = g_option_context_new ("[BOOTVERSION] - generate GRUB2 configuration from given BLS entries"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; if (argc >= 2) { bootversion = (guint) g_ascii_strtoull (argv[1], NULL, 10); if (!(bootversion == 0 || bootversion == 1)) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Invalid bootversion: %u", bootversion); goto out; } } else { const char *bootversion_env = g_getenv ("_OSTREE_GRUB2_BOOTVERSION"); if (bootversion_env) bootversion = g_ascii_strtoull (bootversion_env, NULL, 10); else bootversion = ostree_sysroot_get_bootversion (sysroot); g_assert (bootversion == 0 || bootversion == 1); } if (!ostree_cmd__private__()->ostree_generate_grub2_config (sysroot, bootversion, 1, cancellable, error)) goto out; ret = TRUE; out: return ret; }
gboolean ot_admin_builtin_os_init (int argc, char **argv, GCancellable *cancellable, GError **error) { GOptionContext *context; glnx_unref_object OstreeSysroot *sysroot = NULL; gboolean ret = FALSE; const char *osname = NULL; g_autoptr(GFile) deploy_dir = NULL; g_autoptr(GFile) dir = NULL; context = g_option_context_new ("OSNAME - Initialize empty state for given operating system"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_ensure_initialized (sysroot, cancellable, error)) goto out; if (argc < 2) { ot_util_usage_error (context, "OSNAME must be specified", error); goto out; } osname = argv[1]; deploy_dir = ot_gfile_get_child_build_path (ostree_sysroot_get_path (sysroot), "ostree", "deploy", osname, NULL); /* Ensure core subdirectories of /var exist, since we need them for * dracut generation, and the host will want them too. */ g_clear_object (&dir); dir = ot_gfile_get_child_build_path (deploy_dir, "var", "tmp", NULL); if (!gs_file_ensure_directory (dir, TRUE, cancellable, error)) goto out; if (chmod (gs_file_get_path_cached (dir), 01777) < 0) { gs_set_error_from_errno (error, errno); goto out; } g_clear_object (&dir); dir = ot_gfile_get_child_build_path (deploy_dir, "var", "lib", NULL); if (!gs_file_ensure_directory (dir, TRUE, cancellable, error)) goto out; g_clear_object (&dir); dir = ot_gfile_get_child_build_path (deploy_dir, "var", "run", NULL); if (!g_file_test (gs_file_get_path_cached (dir), G_FILE_TEST_IS_SYMLINK)) { if (symlink ("../run", gs_file_get_path_cached (dir)) < 0) { gs_set_error_from_errno (error, errno); goto out; } } dir = ot_gfile_get_child_build_path (deploy_dir, "var", "lock", NULL); if (!g_file_test (gs_file_get_path_cached (dir), G_FILE_TEST_IS_SYMLINK)) { if (symlink ("../run/lock", gs_file_get_path_cached (dir)) < 0) { gs_set_error_from_errno (error, errno); goto out; } } g_print ("%s initialized as OSTree root\n", gs_file_get_path_cached (deploy_dir)); ret = TRUE; out: if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_upgrade (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; GOptionContext *context; glnx_unref_object OstreeSysroot *sysroot = NULL; glnx_unref_object OstreeSysrootUpgrader *upgrader = NULL; g_autofree char *origin_remote = NULL; g_autofree char *origin_ref = NULL; g_autofree char *origin_refspec = NULL; g_autofree char *new_revision = NULL; g_autoptr(GFile) deployment_path = NULL; g_autoptr(GFile) deployment_origin_path = NULL; glnx_unref_object OstreeDeployment *merge_deployment = NULL; glnx_unref_object OstreeDeployment *new_deployment = NULL; GSConsole *console = NULL; gboolean in_status_line = FALSE; glnx_unref_object OstreeAsyncProgress *progress = NULL; gboolean changed; OstreeSysrootUpgraderPullFlags upgraderpullflags = 0; context = g_option_context_new ("Construct new tree from current origin and deploy it, if it changed"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; upgrader = ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname, cancellable, error); if (!upgrader) goto out; console = gs_console_get (); if (console) { gs_console_begin_status_line (console, "", NULL, NULL); in_status_line = TRUE; progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, console); } if (opt_allow_downgrade) upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER; if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags, progress, &changed, cancellable, error)) goto out; if (in_status_line) { gs_console_end_status_line (console, NULL, NULL); in_status_line = FALSE; } if (!changed) { g_print ("No update available.\n"); } else { g_autoptr(GFile) real_sysroot = g_file_new_for_path ("/"); if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error)) goto out; if (opt_reboot && g_file_equal (ostree_sysroot_get_path (sysroot), real_sysroot)) { gs_subprocess_simple_run_sync (NULL, GS_SUBPROCESS_STREAM_DISPOSITION_INHERIT, cancellable, error, "systemctl", "reboot", NULL); } } ret = TRUE; out: if (in_status_line) gs_console_end_status_line (console, NULL, NULL); if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_set_origin (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; GOptionContext *context; const char *remotename = NULL; const char *url = NULL; const char *branch = NULL; gs_unref_object OstreeRepo *repo = NULL; gs_unref_object OstreeSysroot *sysroot = NULL; OstreeDeployment *target_deployment = NULL; context = g_option_context_new ("REMOTENAME URL [BRANCH]"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (argc < 3) { ot_util_usage_error (context, "REMOTENAME and URL must be specified", error); goto out; } remotename = argv[1]; url = argv[2]; if (argc > 3) branch = argv[3]; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) goto out; if (opt_index == -1) { target_deployment = ostree_sysroot_get_booted_deployment (sysroot); if (target_deployment == NULL) { g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Not currently booted into an OSTree system"); goto out; } } else { target_deployment = ot_admin_get_indexed_deployment (sysroot, opt_index, error); if (!target_deployment) goto out; } { char **iter; gs_unref_variant_builder GVariantBuilder *optbuilder = g_variant_builder_new (G_VARIANT_TYPE ("a{sv}")); for (iter = opt_set; iter && *iter; iter++) { const char *keyvalue = *iter; gs_free char *subkey = NULL; gs_free char *subvalue = NULL; if (!ot_parse_keyvalue (keyvalue, &subkey, &subvalue, error)) goto out; g_variant_builder_add (optbuilder, "{s@v}", subkey, g_variant_new_variant (g_variant_new_string (subvalue))); } if (!ostree_repo_remote_change (repo, NULL, OSTREE_REPO_REMOTE_CHANGE_ADD_IF_NOT_EXISTS, remotename, url, g_variant_builder_end (optbuilder), cancellable, error)) goto out; } { GKeyFile *old_origin = ostree_deployment_get_origin (target_deployment); gs_free char *origin_refspec = g_key_file_get_string (old_origin, "origin", "refspec", NULL); gs_free char *new_refspec = NULL; gs_free char *origin_remote = NULL; gs_free char *origin_ref = NULL; if (!ostree_parse_refspec (origin_refspec, &origin_remote, &origin_ref, error)) goto out; { gs_free char *new_refspec = g_strconcat (remotename, ":", branch ? branch : origin_ref, NULL); gs_unref_keyfile GKeyFile *new_origin = NULL; gs_unref_object GFile *origin_path = NULL; new_origin = ostree_sysroot_origin_new_from_refspec (sysroot, new_refspec); if (!ostree_sysroot_write_origin_file (sysroot, target_deployment, new_origin, cancellable, error)) goto out; } } ret = TRUE; out: if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_switch (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error) { g_autoptr(GOptionContext) context = g_option_context_new ("REF"); g_autoptr(OstreeSysroot) sysroot = NULL; if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, invocation, &sysroot, cancellable, error)) return FALSE; if (argc < 2) { ot_util_usage_error (context, "REF must be specified", error); return FALSE; } const char *new_provided_refspec = argv[1]; g_autoptr(OstreeSysrootUpgrader) upgrader = ostree_sysroot_upgrader_new_for_os_with_flags (sysroot, opt_osname, OSTREE_SYSROOT_UPGRADER_FLAGS_IGNORE_UNCONFIGURED, cancellable, error); if (!upgrader) return FALSE; GKeyFile *old_origin = ostree_sysroot_upgrader_get_origin (upgrader); g_autofree char *origin_refspec = g_key_file_get_string (old_origin, "origin", "refspec", NULL); g_autofree char *origin_remote = NULL; g_autofree char *origin_ref = NULL; if (!ostree_parse_refspec (origin_refspec, &origin_remote, &origin_ref, error)) return FALSE; g_autofree char *new_remote = NULL; g_autofree char *new_ref = NULL; /* Allow just switching remotes */ if (g_str_has_suffix (new_provided_refspec, ":")) { new_remote = g_strdup (new_provided_refspec); new_remote[strlen(new_remote)-1] = '\0'; new_ref = g_strdup (origin_ref); } else { if (!ostree_parse_refspec (new_provided_refspec, &new_remote, &new_ref, error)) return FALSE; } const char* remote = new_remote ?: origin_remote; g_autofree char *new_refspec = NULL; if (remote) new_refspec = g_strconcat (remote, ":", new_ref, NULL); else new_refspec = g_strdup (new_ref); if (strcmp (origin_refspec, new_refspec) == 0) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Old and new refs are equal: %s", new_refspec); return FALSE; } g_autoptr(GKeyFile) new_origin = ostree_sysroot_origin_new_from_refspec (sysroot, new_refspec); if (!ostree_sysroot_upgrader_set_origin (upgrader, new_origin, cancellable, error)) return FALSE; { g_auto(GLnxConsoleRef) console = { 0, }; glnx_console_lock (&console); g_autoptr(OstreeAsyncProgress) progress = NULL; if (console.is_tty) progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console); /* Always allow older...there's not going to be a chronological * relationship necessarily. */ gboolean changed; if (!ostree_sysroot_upgrader_pull (upgrader, 0, OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER, progress, &changed, cancellable, error)) return FALSE; if (progress) ostree_async_progress_finish (progress); } if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error)) return FALSE; OstreeRepo *repo = ostree_sysroot_repo (sysroot); if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error)) return FALSE; g_print ("Deleting ref '%s:%s'\n", origin_remote, origin_ref); ostree_repo_transaction_set_ref (repo, origin_remote, origin_ref, NULL); if (!ostree_repo_commit_transaction (repo, NULL, cancellable, error)) return FALSE; if (opt_reboot) { if (!ot_admin_execve_reboot (sysroot, error)) return FALSE; } return TRUE; }
gboolean ot_admin_instutil_builtin_selinux_ensure_labeled (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; const char *policy_name; g_autoptr(GFile) subpath = NULL; const char *prefix = NULL; glnx_unref_object OstreeSePolicy *sepolicy = NULL; g_autoptr(GPtrArray) deployments = NULL; OstreeDeployment *first_deployment; GOptionContext *context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; g_autoptr(GFile) deployment_path = NULL; context = g_option_context_new ("[SUBPATH PREFIX] - relabel all or part of a deployment"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; deployments = ostree_sysroot_get_deployments (sysroot); if (deployments->len == 0) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Unable to find a deployment in sysroot"); goto out; } first_deployment = deployments->pdata[0]; deployment_path = ostree_sysroot_get_deployment_directory (sysroot, first_deployment); if (argc >= 2) { subpath = g_file_new_for_path (argv[1]); prefix = argv[2]; } else { subpath = g_object_ref (deployment_path); prefix = ""; } sepolicy = ostree_sepolicy_new (deployment_path, cancellable, error); if (!sepolicy) goto out; policy_name = ostree_sepolicy_get_name (sepolicy); if (policy_name) { g_print ("Relabeling using policy '%s'\n", policy_name); if (!selinux_relabel_dir (sepolicy, subpath, prefix, cancellable, error)) goto out; } else g_print ("No SELinux policy found in deployment '%s'\n", gs_file_get_path_cached (deployment_path)); ret = TRUE; out: if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_deploy (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; const char *refspec; GOptionContext *context; glnx_unref_object OstreeSysroot *sysroot = NULL; GKeyFile *origin = NULL; glnx_unref_object OstreeRepo *repo = NULL; g_autoptr(GPtrArray) new_deployments = NULL; glnx_unref_object OstreeDeployment *new_deployment = NULL; glnx_unref_object OstreeDeployment *merge_deployment = NULL; g_autofree char *revision = NULL; __attribute__((cleanup(_ostree_kernel_args_cleanup))) OstreeKernelArgs *kargs = NULL; context = g_option_context_new ("REFSPEC - Checkout revision REFSPEC as the new default deployment"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (argc < 2) { ot_util_usage_error (context, "REF/REV must be specified", error); goto out; } refspec = argv[1]; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) goto out; /* Find the currently booted deployment, if any; we will ensure it * is present in the new deployment list. */ if (!ot_admin_require_booted_deployment_or_osname (sysroot, opt_osname, cancellable, error)) { g_prefix_error (error, "Looking for booted deployment: "); goto out; } if (opt_origin_path) { origin = g_key_file_new (); if (!g_key_file_load_from_file (origin, opt_origin_path, 0, error)) goto out; } else { origin = ostree_sysroot_origin_new_from_refspec (sysroot, refspec); } if (!ostree_repo_resolve_rev (repo, refspec, FALSE, &revision, error)) goto out; merge_deployment = ostree_sysroot_get_merge_deployment (sysroot, opt_osname); /* Here we perform cleanup of any leftover data from previous * partial failures. This avoids having to call gs_shutil_rm_rf() * at random points throughout the process. * * TODO: Add /ostree/transaction file, and only do this cleanup if * we find it. */ if (!ostree_sysroot_prepare_cleanup (sysroot, cancellable, error)) { g_prefix_error (error, "Performing initial cleanup: "); goto out; } kargs = _ostree_kernel_args_new (); /* If they want the current kernel's args, they very likely don't * want the ones from the merge. */ if (opt_kernel_proc_cmdline) { if (!_ostree_kernel_args_append_proc_cmdline (kargs, cancellable, error)) goto out; } else if (merge_deployment) { OstreeBootconfigParser *bootconfig = ostree_deployment_get_bootconfig (merge_deployment); g_auto(GStrv) previous_args = g_strsplit (ostree_bootconfig_parser_get (bootconfig, "options"), " ", -1); _ostree_kernel_args_append_argv (kargs, previous_args); } if (opt_kernel_argv) { _ostree_kernel_args_replace_argv (kargs, opt_kernel_argv); } if (opt_kernel_argv_append) { _ostree_kernel_args_append_argv (kargs, opt_kernel_argv_append); } { g_auto(GStrv) kargs_strv = _ostree_kernel_args_to_strv (kargs); if (!ostree_sysroot_deploy_tree (sysroot, opt_osname, revision, origin, merge_deployment, kargs_strv, &new_deployment, cancellable, error)) goto out; } if (!ostree_sysroot_simple_write_deployment (sysroot, opt_osname, new_deployment, merge_deployment, opt_retain ? OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_RETAIN : 0, cancellable, error)) goto out; ret = TRUE; out: if (origin) g_key_file_unref (origin); if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_instutil_builtin_set_kargs (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; guint i; g_autoptr(GPtrArray) deployments = NULL; OstreeDeployment *first_deployment = NULL; GOptionContext *context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; __attribute__((cleanup(_ostree_kernel_args_cleanup))) OstreeKernelArgs *kargs = NULL; context = g_option_context_new ("ARGS - set new kernel command line arguments"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; deployments = ostree_sysroot_get_deployments (sysroot); if (deployments->len == 0) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Unable to find a deployment in sysroot"); goto out; } first_deployment = deployments->pdata[0]; kargs = _ostree_kernel_args_new (); /* If they want the current kernel's args, they very likely don't * want the ones from the merge. */ if (opt_proc_cmdline) { if (!_ostree_kernel_args_append_proc_cmdline (kargs, cancellable, error)) goto out; } else if (opt_merge) { OstreeBootconfigParser *bootconfig = ostree_deployment_get_bootconfig (first_deployment); g_auto(GStrv) previous_args = g_strsplit (ostree_bootconfig_parser_get (bootconfig, "options"), " ", -1); _ostree_kernel_args_append_argv (kargs, previous_args); } if (opt_replace) { _ostree_kernel_args_replace_argv (kargs, opt_replace); } if (opt_append) { _ostree_kernel_args_append_argv (kargs, opt_append); } for (i = 1; i < argc; i++) _ostree_kernel_args_append (kargs, argv[i]); { g_auto(GStrv) kargs_strv = _ostree_kernel_args_to_strv (kargs); if (!ostree_sysroot_deployment_set_kargs (sysroot, first_deployment, kargs_strv, cancellable, error)) goto out; } ret = TRUE; out: if (context) g_option_context_free (context); return ret; }
gboolean ot_admin_builtin_upgrade (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; g_autoptr(GOptionContext) context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; glnx_unref_object OstreeSysrootUpgrader *upgrader = NULL; g_autoptr(GKeyFile) origin = NULL; glnx_unref_object OstreeAsyncProgress *progress = NULL; gboolean changed; OstreeSysrootUpgraderPullFlags upgraderpullflags = 0; context = g_option_context_new ("Construct new tree from current origin and deploy it, if it changed"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; upgrader = ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname, cancellable, error); if (!upgrader) goto out; origin = ostree_sysroot_upgrader_dup_origin (upgrader); if (origin != NULL) { gboolean origin_changed = FALSE; if (opt_override_commit != NULL) { /* Override the commit to pull and deploy. */ g_key_file_set_string (origin, "origin", "override-commit", opt_override_commit); origin_changed = TRUE; } else { /* Strip any override-commit from the origin file so * we always upgrade to the latest available commit. */ origin_changed = g_key_file_remove_key (origin, "origin", "override-commit", NULL); } /* Should we consider requiring --discard-hotfix here? */ origin_changed |= g_key_file_remove_key (origin, "origin", "unlocked", NULL); if (origin_changed) { /* XXX GCancellable parameter is not used. */ if (!ostree_sysroot_upgrader_set_origin (upgrader, origin, NULL, error)) goto out; } } { g_auto(GLnxConsoleRef) console = { 0, }; glnx_console_lock (&console); if (console.is_tty) progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console); if (opt_allow_downgrade) upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER; if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags, progress, &changed, cancellable, error)) goto out; if (progress) ostree_async_progress_finish (progress); } if (!changed) { g_print ("No update available.\n"); } else { if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error)) goto out; if (opt_reboot) { if (!ot_admin_execve_reboot (sysroot, error)) goto out; } } ret = TRUE; out: return ret; }
gboolean ot_admin_builtin_status (int argc, char **argv, GCancellable *cancellable, GError **error) { g_autoptr(GOptionContext) context = NULL; glnx_unref_object OstreeSysroot *sysroot = NULL; gboolean ret = FALSE; glnx_unref_object OstreeRepo *repo = NULL; OstreeDeployment *booted_deployment = NULL; g_autoptr(GPtrArray) deployments = NULL; const int is_tty = isatty (1); const char *red_bold_prefix = is_tty ? "\x1b[31m\x1b[1m" : ""; const char *red_bold_suffix = is_tty ? "\x1b[22m\x1b[0m" : ""; guint i; context = g_option_context_new ("List deployments"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, &sysroot, cancellable, error)) goto out; if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) goto out; deployments = ostree_sysroot_get_deployments (sysroot); booted_deployment = ostree_sysroot_get_booted_deployment (sysroot); if (deployments->len == 0) { g_print ("No deployments.\n"); } else { for (i = 0; i < deployments->len; i++) { OstreeDeployment *deployment = deployments->pdata[i]; GKeyFile *origin; const char *ref = ostree_deployment_get_csum (deployment); OstreeDeploymentUnlockedState unlocked = ostree_deployment_get_unlocked (deployment); g_autofree char *version = version_of_commit (repo, ref); glnx_unref_object OstreeGpgVerifyResult *result = NULL; GString *output_buffer; guint jj, n_signatures; GError *local_error = NULL; origin = ostree_deployment_get_origin (deployment); g_print ("%c %s %s.%d\n", deployment == booted_deployment ? '*' : ' ', ostree_deployment_get_osname (deployment), ostree_deployment_get_csum (deployment), ostree_deployment_get_deployserial (deployment)); if (version) g_print (" Version: %s\n", version); switch (unlocked) { case OSTREE_DEPLOYMENT_UNLOCKED_NONE: break; default: g_print (" %sUnlocked: %s%s\n", red_bold_prefix, ostree_deployment_unlocked_state_to_string (unlocked), red_bold_suffix); } if (!origin) g_print (" origin: none\n"); else { g_autofree char *origin_refspec = g_key_file_get_string (origin, "origin", "refspec", NULL); if (!origin_refspec) g_print (" origin: <unknown origin type>\n"); else g_print (" origin refspec: %s\n", origin_refspec); } if (deployment_get_gpg_verify (deployment, repo)) { /* Print any digital signatures on this commit. */ result = ostree_repo_verify_commit_ext (repo, ref, NULL, NULL, cancellable, &local_error); /* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */ if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) { g_clear_error (&local_error); continue; } else if (local_error != NULL) { g_propagate_error (error, local_error); goto out; } output_buffer = g_string_sized_new (256); n_signatures = ostree_gpg_verify_result_count_all (result); for (jj = 0; jj < n_signatures; jj++) { ostree_gpg_verify_result_describe (result, jj, output_buffer, " GPG: ", OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT); } g_print ("%s", output_buffer->str); g_string_free (output_buffer, TRUE); } } } ret = TRUE; out: return ret; }
gboolean ostree_builtin_admin (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; const char *subcommand_name = NULL; OstreeAdminCommand *subcommand; gs_free char *prgname = NULL; int in, out; /* * Parse the global options. We rearrange the options as * necessary, in order to pass relevant options through * to the commands, but also have them take effect globally. */ for (in = 1, out = 1; in < argc; in++, out++) { /* The non-option is the command, take it out of the arguments */ if (argv[in][0] != '-') { if (subcommand_name == NULL) { subcommand_name = argv[in]; out--; continue; } } else if (g_str_equal (argv[in], "--")) { break; } argv[out] = argv[in]; } argc = out; subcommand = admin_subcommands; while (subcommand->name) { if (g_strcmp0 (subcommand_name, subcommand->name) == 0) break; subcommand++; } if (!subcommand->name) { GOptionContext *context; gs_free char *help; context = ostree_admin_option_context_new_with_commands (); /* This will not return for some options (e.g. --version). */ if (ostree_admin_option_context_parse (context, NULL, &argc, &argv, NULL, cancellable, error)) { if (subcommand_name == NULL) { g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED, "No \"admin\" subcommand specified"); } else { g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED, "Unknown \"admin\" subcommand '%s'", subcommand_name); } } help = g_option_context_get_help (context, FALSE, NULL); g_printerr ("%s", help); g_option_context_free (context); goto out; } prgname = g_strdup_printf ("%s %s", g_get_prgname (), subcommand_name); g_set_prgname (prgname); if (!subcommand->fn (argc, argv, cancellable, error)) goto out; ret = TRUE; out: return ret; }
gboolean ot_admin_builtin_upgrade (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error) { g_autoptr(GOptionContext) context = g_option_context_new (""); g_autoptr(OstreeSysroot) sysroot = NULL; if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, invocation, &sysroot, cancellable, error)) return FALSE; if (opt_pull_only && opt_deploy_only) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Cannot simultaneously specify --pull-only and --deploy-only"); return FALSE; } else if (opt_pull_only && opt_reboot) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, "Cannot simultaneously specify --pull-only and --reboot"); return FALSE; } g_autoptr(OstreeSysrootUpgrader) upgrader = ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname, cancellable, error); if (!upgrader) return FALSE; g_autoptr(GKeyFile) origin = ostree_sysroot_upgrader_dup_origin (upgrader); if (origin != NULL) { gboolean origin_changed = FALSE; if (opt_override_commit != NULL) { /* Override the commit to pull and deploy. */ g_key_file_set_string (origin, "origin", "override-commit", opt_override_commit); origin_changed = TRUE; } else { /* Strip any override-commit from the origin file so * we always upgrade to the latest available commit. */ origin_changed = g_key_file_remove_key (origin, "origin", "override-commit", NULL); } /* Should we consider requiring --discard-hotfix here? */ origin_changed |= g_key_file_remove_key (origin, "origin", "unlocked", NULL); if (origin_changed) { /* XXX GCancellable parameter is not used. */ if (!ostree_sysroot_upgrader_set_origin (upgrader, origin, NULL, error)) return FALSE; } } gboolean changed; OstreeSysrootUpgraderPullFlags upgraderpullflags = 0; if (opt_deploy_only) upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_SYNTHETIC; { g_auto(GLnxConsoleRef) console = { 0, }; glnx_console_lock (&console); g_autoptr(OstreeAsyncProgress) progress = NULL; if (console.is_tty) progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console); if (opt_allow_downgrade) upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER; if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags, progress, &changed, cancellable, error)) { /* In the pull-only case, we do a cleanup here to ensure that if * multiple commits were pulled, we garbage collect any old * partially-pulled intermediate commits before pulling more. This is * really a best practice in general, but for maximum compatiblity, we * only do cleanup if a user specifies the new --pull-only option. * Otherwise, we would break the case of trying to deploy a commit that * isn't directly referenced. */ if (opt_pull_only) (void) ostree_sysroot_cleanup (sysroot, NULL, NULL); return FALSE; } if (progress) ostree_async_progress_finish (progress); } if (!changed) { g_print ("No update available.\n"); } else { if (!opt_pull_only) { if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error)) return FALSE; } if (opt_reboot) { if (!ot_admin_execve_reboot (sysroot, error)) return FALSE; } } return TRUE; }
gboolean ot_admin_builtin_status (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error) { const int is_tty = isatty (1); const char *red_bold_prefix = is_tty ? "\x1b[31m\x1b[1m" : ""; const char *red_bold_suffix = is_tty ? "\x1b[22m\x1b[0m" : ""; g_autoptr(GOptionContext) context = g_option_context_new (""); g_autoptr(OstreeSysroot) sysroot = NULL; if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED, invocation, &sysroot, cancellable, error)) return FALSE; g_autoptr(OstreeRepo) repo = NULL; if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error)) return FALSE; g_autoptr(GPtrArray) deployments = ostree_sysroot_get_deployments (sysroot); OstreeDeployment *booted_deployment = ostree_sysroot_get_booted_deployment (sysroot); g_autoptr(OstreeDeployment) pending_deployment = NULL; g_autoptr(OstreeDeployment) rollback_deployment = NULL; if (booted_deployment) ostree_sysroot_query_deployments_for (sysroot, NULL, &pending_deployment, &rollback_deployment); if (deployments->len == 0) { g_print ("No deployments.\n"); } else { for (guint i = 0; i < deployments->len; i++) { OstreeDeployment *deployment = deployments->pdata[i]; const char *ref = ostree_deployment_get_csum (deployment); /* Load the backing commit; shouldn't normally fail, but if it does, * we stumble on. */ g_autoptr(GVariant) commit = NULL; (void)ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_COMMIT, ref, &commit, NULL); g_autoptr(GVariant) commit_metadata = NULL; if (commit) commit_metadata = g_variant_get_child_value (commit, 0); const char *version = NULL; const char *source_title = NULL; if (commit_metadata) { (void) g_variant_lookup (commit_metadata, OSTREE_COMMIT_META_KEY_VERSION, "&s", &version); (void) g_variant_lookup (commit_metadata, OSTREE_COMMIT_META_KEY_SOURCE_TITLE, "&s", &source_title); } GKeyFile *origin = ostree_deployment_get_origin (deployment); const char *deployment_status = ""; if (deployment == pending_deployment) deployment_status = " (pending)"; else if (deployment == rollback_deployment) deployment_status = " (rollback)"; g_print ("%c %s %s.%d%s\n", deployment == booted_deployment ? '*' : ' ', ostree_deployment_get_osname (deployment), ostree_deployment_get_csum (deployment), ostree_deployment_get_deployserial (deployment), deployment_status); if (version) g_print (" Version: %s\n", version); OstreeDeploymentUnlockedState unlocked = ostree_deployment_get_unlocked (deployment); switch (unlocked) { case OSTREE_DEPLOYMENT_UNLOCKED_NONE: break; default: g_print (" %sUnlocked: %s%s\n", red_bold_prefix, ostree_deployment_unlocked_state_to_string (unlocked), red_bold_suffix); } if (!origin) g_print (" origin: none\n"); else { g_autofree char *origin_refspec = g_key_file_get_string (origin, "origin", "refspec", NULL); if (!origin_refspec) g_print (" origin: <unknown origin type>\n"); else g_print (" origin refspec: %s\n", origin_refspec); if (source_title) g_print (" `- %s\n", source_title); } if (deployment_get_gpg_verify (deployment, repo)) { g_autoptr(GString) output_buffer = g_string_sized_new (256); /* Print any digital signatures on this commit. */ g_autoptr(GError) local_error = NULL; g_autoptr(OstreeGpgVerifyResult) result = ostree_repo_verify_commit_ext (repo, ref, NULL, NULL, cancellable, &local_error); /* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */ if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND)) { g_clear_error (&local_error); continue; } else if (local_error != NULL) { g_propagate_error (error, g_steal_pointer (&local_error)); return FALSE; } const guint n_signatures = ostree_gpg_verify_result_count_all (result); for (guint jj = 0; jj < n_signatures; jj++) { ostree_gpg_verify_result_describe (result, jj, output_buffer, " GPG: ", OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT); } g_print ("%s", output_buffer->str); } } } return TRUE; }
gboolean ot_admin_builtin_undeploy (int argc, char **argv, GCancellable *cancellable, GError **error) { gboolean ret = FALSE; GOptionContext *context; gs_unref_object OstreeSysroot *sysroot = NULL; const char *deploy_index_str; int deploy_index; gs_unref_ptrarray GPtrArray *current_deployments = NULL; gs_unref_object OstreeDeployment *booted_deployment = NULL; gs_unref_object OstreeDeployment *target_deployment = NULL; context = g_option_context_new ("INDEX - Delete deployment INDEX"); if (!ostree_admin_option_context_parse (context, options, &argc, &argv, OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER, &sysroot, cancellable, error)) goto out; if (argc < 2) { ot_util_usage_error (context, "INDEX must be specified", error); goto out; } if (!ostree_sysroot_load (sysroot, cancellable, error)) goto out; current_deployments = ostree_sysroot_get_deployments (sysroot); deploy_index_str = argv[1]; deploy_index = atoi (deploy_index_str); target_deployment = ot_admin_get_indexed_deployment (sysroot, deploy_index, error); if (!target_deployment) goto out; if (target_deployment == ostree_sysroot_get_booted_deployment (sysroot)) { g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND, "Cannot undeploy currently booted deployment %i", deploy_index); goto out; } g_ptr_array_remove_index (current_deployments, deploy_index); if (!ostree_sysroot_write_deployments (sysroot, current_deployments, cancellable, error)) goto out; g_print ("Deleted deployment %s.%d\n", ostree_deployment_get_csum (target_deployment), ostree_deployment_get_deployserial (target_deployment)); if (!ostree_sysroot_cleanup (sysroot, cancellable, error)) { g_prefix_error (error, "Performing final cleanup: "); goto out; } ret = TRUE; out: if (context) g_option_context_free (context); return ret; }