gboolean
ot_admin_builtin_os_init (int argc, char **argv, GCancellable *cancellable, GError **error)
{
g_autoptr(GOptionContext) context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
gboolean ret = FALSE;
const char *osname = NULL;
context = g_option_context_new ("OSNAME - Initialize empty state for given operating system");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_ensure_initialized (sysroot, cancellable, error))
goto out;
if (argc < 2)
{
ot_util_usage_error (context, "OSNAME must be specified", error);
goto out;
}
osname = argv[1];
if (!ostree_sysroot_init_osname (sysroot, osname, cancellable, error))
goto out;
g_print ("ostree/deploy/%s initialized as OSTree root\n", osname);
ret = TRUE;
out:
return ret;
}
gboolean
ot_admin_builtin_cleanup (int argc, char **argv, GCancellable *cancellable, GError **error)
{
GOptionContext *context;
glnx_unref_object OstreeSysroot *sysroot = NULL;
gboolean ret = FALSE;
context = g_option_context_new ("Delete untagged deployments and repository objects");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_cleanup (sysroot, cancellable, error))
goto out;
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_unlock (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
g_autoptr(GOptionContext) context = NULL;
g_autoptr(OstreeSysroot) sysroot = NULL;
OstreeDeployment *booted_deployment = NULL;
OstreeDeploymentUnlockedState target_state;
context = g_option_context_new ("");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
invocation, &sysroot, cancellable, error))
goto out;
if (argc > 1)
{
ot_util_usage_error (context, "This command takes no extra arguments", error);
goto out;
}
booted_deployment = ostree_sysroot_get_booted_deployment (sysroot);
if (!booted_deployment)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Not currently booted into an OSTree system");
goto out;
}
target_state = opt_hotfix ? OSTREE_DEPLOYMENT_UNLOCKED_HOTFIX : OSTREE_DEPLOYMENT_UNLOCKED_DEVELOPMENT;
if (!ostree_sysroot_deployment_unlock (sysroot, booted_deployment,
target_state, cancellable, error))
goto out;
switch (target_state)
{
case OSTREE_DEPLOYMENT_UNLOCKED_NONE:
g_assert_not_reached ();
break;
case OSTREE_DEPLOYMENT_UNLOCKED_HOTFIX:
g_print ("Hotfix mode enabled. A writable overlayfs is now mounted on /usr\n"
"for this booted deployment. A non-hotfixed clone has been created\n"
"as the non-default rollback target.\n");
break;
case OSTREE_DEPLOYMENT_UNLOCKED_DEVELOPMENT:
g_print ("Development mode enabled. A writable overlayfs is now mounted on /usr.\n"
"All changes there will be discarded on reboot.\n");
break;
}
ret = TRUE;
out:
return ret;
}
gboolean
ot_admin_instutil_builtin_grub2_generate (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
guint bootversion;
g_autoptr(GOptionContext) context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
context = g_option_context_new ("[BOOTVERSION] - generate GRUB2 configuration from given BLS entries");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
if (argc >= 2)
{
bootversion = (guint) g_ascii_strtoull (argv[1], NULL, 10);
if (!(bootversion == 0 || bootversion == 1))
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Invalid bootversion: %u", bootversion);
goto out;
}
}
else
{
const char *bootversion_env = g_getenv ("_OSTREE_GRUB2_BOOTVERSION");
if (bootversion_env)
bootversion = g_ascii_strtoull (bootversion_env, NULL, 10);
else
bootversion = ostree_sysroot_get_bootversion (sysroot);
g_assert (bootversion == 0 || bootversion == 1);
}
if (!ostree_cmd__private__()->ostree_generate_grub2_config (sysroot, bootversion, 1, cancellable, error))
goto out;
ret = TRUE;
out:
return ret;
}
gboolean
ot_admin_builtin_os_init (int argc, char **argv, GCancellable *cancellable, GError **error)
{
GOptionContext *context;
glnx_unref_object OstreeSysroot *sysroot = NULL;
gboolean ret = FALSE;
const char *osname = NULL;
g_autoptr(GFile) deploy_dir = NULL;
g_autoptr(GFile) dir = NULL;
context = g_option_context_new ("OSNAME - Initialize empty state for given operating system");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_ensure_initialized (sysroot, cancellable, error))
goto out;
if (argc < 2)
{
ot_util_usage_error (context, "OSNAME must be specified", error);
goto out;
}
osname = argv[1];
deploy_dir = ot_gfile_get_child_build_path (ostree_sysroot_get_path (sysroot), "ostree", "deploy", osname, NULL);
/* Ensure core subdirectories of /var exist, since we need them for
* dracut generation, and the host will want them too.
*/
g_clear_object (&dir);
dir = ot_gfile_get_child_build_path (deploy_dir, "var", "tmp", NULL);
if (!gs_file_ensure_directory (dir, TRUE, cancellable, error))
goto out;
if (chmod (gs_file_get_path_cached (dir), 01777) < 0)
{
gs_set_error_from_errno (error, errno);
goto out;
}
g_clear_object (&dir);
dir = ot_gfile_get_child_build_path (deploy_dir, "var", "lib", NULL);
if (!gs_file_ensure_directory (dir, TRUE, cancellable, error))
goto out;
g_clear_object (&dir);
dir = ot_gfile_get_child_build_path (deploy_dir, "var", "run", NULL);
if (!g_file_test (gs_file_get_path_cached (dir), G_FILE_TEST_IS_SYMLINK))
{
if (symlink ("../run", gs_file_get_path_cached (dir)) < 0)
{
gs_set_error_from_errno (error, errno);
goto out;
}
}
dir = ot_gfile_get_child_build_path (deploy_dir, "var", "lock", NULL);
if (!g_file_test (gs_file_get_path_cached (dir), G_FILE_TEST_IS_SYMLINK))
{
if (symlink ("../run/lock", gs_file_get_path_cached (dir)) < 0)
{
gs_set_error_from_errno (error, errno);
goto out;
}
}
g_print ("%s initialized as OSTree root\n", gs_file_get_path_cached (deploy_dir));
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_upgrade (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
GOptionContext *context;
glnx_unref_object OstreeSysroot *sysroot = NULL;
glnx_unref_object OstreeSysrootUpgrader *upgrader = NULL;
g_autofree char *origin_remote = NULL;
g_autofree char *origin_ref = NULL;
g_autofree char *origin_refspec = NULL;
g_autofree char *new_revision = NULL;
g_autoptr(GFile) deployment_path = NULL;
g_autoptr(GFile) deployment_origin_path = NULL;
glnx_unref_object OstreeDeployment *merge_deployment = NULL;
glnx_unref_object OstreeDeployment *new_deployment = NULL;
GSConsole *console = NULL;
gboolean in_status_line = FALSE;
glnx_unref_object OstreeAsyncProgress *progress = NULL;
gboolean changed;
OstreeSysrootUpgraderPullFlags upgraderpullflags = 0;
context = g_option_context_new ("Construct new tree from current origin and deploy it, if it changed");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
upgrader = ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname,
cancellable, error);
if (!upgrader)
goto out;
console = gs_console_get ();
if (console)
{
gs_console_begin_status_line (console, "", NULL, NULL);
in_status_line = TRUE;
progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, console);
}
if (opt_allow_downgrade)
upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER;
if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags,
progress, &changed,
cancellable, error))
goto out;
if (in_status_line)
{
gs_console_end_status_line (console, NULL, NULL);
in_status_line = FALSE;
}
if (!changed)
{
g_print ("No update available.\n");
}
else
{
g_autoptr(GFile) real_sysroot = g_file_new_for_path ("/");
if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error))
goto out;
if (opt_reboot && g_file_equal (ostree_sysroot_get_path (sysroot), real_sysroot))
{
gs_subprocess_simple_run_sync (NULL, GS_SUBPROCESS_STREAM_DISPOSITION_INHERIT,
cancellable, error,
"systemctl", "reboot", NULL);
}
}
ret = TRUE;
out:
if (in_status_line)
gs_console_end_status_line (console, NULL, NULL);
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_set_origin (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
GOptionContext *context;
const char *remotename = NULL;
const char *url = NULL;
const char *branch = NULL;
gs_unref_object OstreeRepo *repo = NULL;
gs_unref_object OstreeSysroot *sysroot = NULL;
OstreeDeployment *target_deployment = NULL;
context = g_option_context_new ("REMOTENAME URL [BRANCH]");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (argc < 3)
{
ot_util_usage_error (context, "REMOTENAME and URL must be specified", error);
goto out;
}
remotename = argv[1];
url = argv[2];
if (argc > 3)
branch = argv[3];
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error))
goto out;
if (opt_index == -1)
{
target_deployment = ostree_sysroot_get_booted_deployment (sysroot);
if (target_deployment == NULL)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Not currently booted into an OSTree system");
goto out;
}
}
else
{
target_deployment = ot_admin_get_indexed_deployment (sysroot, opt_index, error);
if (!target_deployment)
goto out;
}
{ char **iter;
gs_unref_variant_builder GVariantBuilder *optbuilder =
g_variant_builder_new (G_VARIANT_TYPE ("a{sv}"));
for (iter = opt_set; iter && *iter; iter++)
{
const char *keyvalue = *iter;
gs_free char *subkey = NULL;
gs_free char *subvalue = NULL;
if (!ot_parse_keyvalue (keyvalue, &subkey, &subvalue, error))
goto out;
g_variant_builder_add (optbuilder, "{s@v}",
subkey, g_variant_new_variant (g_variant_new_string (subvalue)));
}
if (!ostree_repo_remote_change (repo, NULL,
OSTREE_REPO_REMOTE_CHANGE_ADD_IF_NOT_EXISTS,
remotename, url,
g_variant_builder_end (optbuilder),
cancellable, error))
goto out;
}
{ GKeyFile *old_origin = ostree_deployment_get_origin (target_deployment);
gs_free char *origin_refspec = g_key_file_get_string (old_origin, "origin", "refspec", NULL);
gs_free char *new_refspec = NULL;
gs_free char *origin_remote = NULL;
gs_free char *origin_ref = NULL;
if (!ostree_parse_refspec (origin_refspec, &origin_remote, &origin_ref, error))
goto out;
{ gs_free char *new_refspec = g_strconcat (remotename, ":", branch ? branch : origin_ref, NULL);
gs_unref_keyfile GKeyFile *new_origin = NULL;
gs_unref_object GFile *origin_path = NULL;
new_origin = ostree_sysroot_origin_new_from_refspec (sysroot, new_refspec);
if (!ostree_sysroot_write_origin_file (sysroot, target_deployment, new_origin,
cancellable, error))
goto out;
}
}
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_switch (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
g_autoptr(GOptionContext) context =
g_option_context_new ("REF");
g_autoptr(OstreeSysroot) sysroot = NULL;
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
invocation, &sysroot, cancellable, error))
return FALSE;
if (argc < 2)
{
ot_util_usage_error (context, "REF must be specified", error);
return FALSE;
}
const char *new_provided_refspec = argv[1];
g_autoptr(OstreeSysrootUpgrader) upgrader =
ostree_sysroot_upgrader_new_for_os_with_flags (sysroot, opt_osname,
OSTREE_SYSROOT_UPGRADER_FLAGS_IGNORE_UNCONFIGURED,
cancellable, error);
if (!upgrader)
return FALSE;
GKeyFile *old_origin = ostree_sysroot_upgrader_get_origin (upgrader);
g_autofree char *origin_refspec = g_key_file_get_string (old_origin, "origin", "refspec", NULL);
g_autofree char *origin_remote = NULL;
g_autofree char *origin_ref = NULL;
if (!ostree_parse_refspec (origin_refspec, &origin_remote, &origin_ref, error))
return FALSE;
g_autofree char *new_remote = NULL;
g_autofree char *new_ref = NULL;
/* Allow just switching remotes */
if (g_str_has_suffix (new_provided_refspec, ":"))
{
new_remote = g_strdup (new_provided_refspec);
new_remote[strlen(new_remote)-1] = '\0';
new_ref = g_strdup (origin_ref);
}
else
{
if (!ostree_parse_refspec (new_provided_refspec, &new_remote, &new_ref, error))
return FALSE;
}
const char* remote = new_remote ?: origin_remote;
g_autofree char *new_refspec = NULL;
if (remote)
new_refspec = g_strconcat (remote, ":", new_ref, NULL);
else
new_refspec = g_strdup (new_ref);
if (strcmp (origin_refspec, new_refspec) == 0)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Old and new refs are equal: %s", new_refspec);
return FALSE;
}
g_autoptr(GKeyFile) new_origin = ostree_sysroot_origin_new_from_refspec (sysroot, new_refspec);
if (!ostree_sysroot_upgrader_set_origin (upgrader, new_origin, cancellable, error))
return FALSE;
{ g_auto(GLnxConsoleRef) console = { 0, };
glnx_console_lock (&console);
g_autoptr(OstreeAsyncProgress) progress = NULL;
if (console.is_tty)
progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console);
/* Always allow older...there's not going to be a chronological
* relationship necessarily.
*/
gboolean changed;
if (!ostree_sysroot_upgrader_pull (upgrader, 0,
OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER,
progress, &changed,
cancellable, error))
return FALSE;
if (progress)
ostree_async_progress_finish (progress);
}
if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error))
return FALSE;
OstreeRepo *repo = ostree_sysroot_repo (sysroot);
if (!ostree_repo_prepare_transaction (repo, NULL, cancellable, error))
return FALSE;
g_print ("Deleting ref '%s:%s'\n", origin_remote, origin_ref);
ostree_repo_transaction_set_ref (repo, origin_remote, origin_ref, NULL);
if (!ostree_repo_commit_transaction (repo, NULL, cancellable, error))
return FALSE;
if (opt_reboot)
{
if (!ot_admin_execve_reboot (sysroot, error))
return FALSE;
}
return TRUE;
}
gboolean
ot_admin_instutil_builtin_selinux_ensure_labeled (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
const char *policy_name;
g_autoptr(GFile) subpath = NULL;
const char *prefix = NULL;
glnx_unref_object OstreeSePolicy *sepolicy = NULL;
g_autoptr(GPtrArray) deployments = NULL;
OstreeDeployment *first_deployment;
GOptionContext *context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
g_autoptr(GFile) deployment_path = NULL;
context = g_option_context_new ("[SUBPATH PREFIX] - relabel all or part of a deployment");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
deployments = ostree_sysroot_get_deployments (sysroot);
if (deployments->len == 0)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Unable to find a deployment in sysroot");
goto out;
}
first_deployment = deployments->pdata[0];
deployment_path = ostree_sysroot_get_deployment_directory (sysroot, first_deployment);
if (argc >= 2)
{
subpath = g_file_new_for_path (argv[1]);
prefix = argv[2];
}
else
{
subpath = g_object_ref (deployment_path);
prefix = "";
}
sepolicy = ostree_sepolicy_new (deployment_path, cancellable, error);
if (!sepolicy)
goto out;
policy_name = ostree_sepolicy_get_name (sepolicy);
if (policy_name)
{
g_print ("Relabeling using policy '%s'\n", policy_name);
if (!selinux_relabel_dir (sepolicy, subpath, prefix,
cancellable, error))
goto out;
}
else
g_print ("No SELinux policy found in deployment '%s'\n",
gs_file_get_path_cached (deployment_path));
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_deploy (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
const char *refspec;
GOptionContext *context;
glnx_unref_object OstreeSysroot *sysroot = NULL;
GKeyFile *origin = NULL;
glnx_unref_object OstreeRepo *repo = NULL;
g_autoptr(GPtrArray) new_deployments = NULL;
glnx_unref_object OstreeDeployment *new_deployment = NULL;
glnx_unref_object OstreeDeployment *merge_deployment = NULL;
g_autofree char *revision = NULL;
__attribute__((cleanup(_ostree_kernel_args_cleanup))) OstreeKernelArgs *kargs = NULL;
context = g_option_context_new ("REFSPEC - Checkout revision REFSPEC as the new default deployment");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (argc < 2)
{
ot_util_usage_error (context, "REF/REV must be specified", error);
goto out;
}
refspec = argv[1];
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error))
goto out;
/* Find the currently booted deployment, if any; we will ensure it
* is present in the new deployment list.
*/
if (!ot_admin_require_booted_deployment_or_osname (sysroot, opt_osname,
cancellable, error))
{
g_prefix_error (error, "Looking for booted deployment: ");
goto out;
}
if (opt_origin_path)
{
origin = g_key_file_new ();
if (!g_key_file_load_from_file (origin, opt_origin_path, 0, error))
goto out;
}
else
{
origin = ostree_sysroot_origin_new_from_refspec (sysroot, refspec);
}
if (!ostree_repo_resolve_rev (repo, refspec, FALSE, &revision, error))
goto out;
merge_deployment = ostree_sysroot_get_merge_deployment (sysroot, opt_osname);
/* Here we perform cleanup of any leftover data from previous
* partial failures. This avoids having to call gs_shutil_rm_rf()
* at random points throughout the process.
*
* TODO: Add /ostree/transaction file, and only do this cleanup if
* we find it.
*/
if (!ostree_sysroot_prepare_cleanup (sysroot, cancellable, error))
{
g_prefix_error (error, "Performing initial cleanup: ");
goto out;
}
kargs = _ostree_kernel_args_new ();
/* If they want the current kernel's args, they very likely don't
* want the ones from the merge.
*/
if (opt_kernel_proc_cmdline)
{
if (!_ostree_kernel_args_append_proc_cmdline (kargs, cancellable, error))
goto out;
}
else if (merge_deployment)
{
OstreeBootconfigParser *bootconfig = ostree_deployment_get_bootconfig (merge_deployment);
g_auto(GStrv) previous_args = g_strsplit (ostree_bootconfig_parser_get (bootconfig, "options"), " ", -1);
_ostree_kernel_args_append_argv (kargs, previous_args);
}
if (opt_kernel_argv)
{
_ostree_kernel_args_replace_argv (kargs, opt_kernel_argv);
}
if (opt_kernel_argv_append)
{
_ostree_kernel_args_append_argv (kargs, opt_kernel_argv_append);
}
{
g_auto(GStrv) kargs_strv = _ostree_kernel_args_to_strv (kargs);
if (!ostree_sysroot_deploy_tree (sysroot,
opt_osname, revision, origin,
merge_deployment, kargs_strv,
&new_deployment,
cancellable, error))
goto out;
}
if (!ostree_sysroot_simple_write_deployment (sysroot, opt_osname,
new_deployment, merge_deployment,
opt_retain ? OSTREE_SYSROOT_SIMPLE_WRITE_DEPLOYMENT_FLAGS_RETAIN : 0,
cancellable, error))
goto out;
ret = TRUE;
out:
if (origin)
g_key_file_unref (origin);
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_instutil_builtin_set_kargs (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
guint i;
g_autoptr(GPtrArray) deployments = NULL;
OstreeDeployment *first_deployment = NULL;
GOptionContext *context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
__attribute__((cleanup(_ostree_kernel_args_cleanup))) OstreeKernelArgs *kargs = NULL;
context = g_option_context_new ("ARGS - set new kernel command line arguments");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER | OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
deployments = ostree_sysroot_get_deployments (sysroot);
if (deployments->len == 0)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Unable to find a deployment in sysroot");
goto out;
}
first_deployment = deployments->pdata[0];
kargs = _ostree_kernel_args_new ();
/* If they want the current kernel's args, they very likely don't
* want the ones from the merge.
*/
if (opt_proc_cmdline)
{
if (!_ostree_kernel_args_append_proc_cmdline (kargs, cancellable, error))
goto out;
}
else if (opt_merge)
{
OstreeBootconfigParser *bootconfig = ostree_deployment_get_bootconfig (first_deployment);
g_auto(GStrv) previous_args = g_strsplit (ostree_bootconfig_parser_get (bootconfig, "options"), " ", -1);
_ostree_kernel_args_append_argv (kargs, previous_args);
}
if (opt_replace)
{
_ostree_kernel_args_replace_argv (kargs, opt_replace);
}
if (opt_append)
{
_ostree_kernel_args_append_argv (kargs, opt_append);
}
for (i = 1; i < argc; i++)
_ostree_kernel_args_append (kargs, argv[i]);
{
g_auto(GStrv) kargs_strv = _ostree_kernel_args_to_strv (kargs);
if (!ostree_sysroot_deployment_set_kargs (sysroot, first_deployment,
kargs_strv,
cancellable, error))
goto out;
}
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
gboolean
ot_admin_builtin_upgrade (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
g_autoptr(GOptionContext) context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
glnx_unref_object OstreeSysrootUpgrader *upgrader = NULL;
g_autoptr(GKeyFile) origin = NULL;
glnx_unref_object OstreeAsyncProgress *progress = NULL;
gboolean changed;
OstreeSysrootUpgraderPullFlags upgraderpullflags = 0;
context = g_option_context_new ("Construct new tree from current origin and deploy it, if it changed");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
upgrader = ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname,
cancellable, error);
if (!upgrader)
goto out;
origin = ostree_sysroot_upgrader_dup_origin (upgrader);
if (origin != NULL)
{
gboolean origin_changed = FALSE;
if (opt_override_commit != NULL)
{
/* Override the commit to pull and deploy. */
g_key_file_set_string (origin, "origin",
"override-commit",
opt_override_commit);
origin_changed = TRUE;
}
else
{
/* Strip any override-commit from the origin file so
* we always upgrade to the latest available commit. */
origin_changed = g_key_file_remove_key (origin, "origin",
"override-commit", NULL);
}
/* Should we consider requiring --discard-hotfix here? */
origin_changed |= g_key_file_remove_key (origin, "origin", "unlocked", NULL);
if (origin_changed)
{
/* XXX GCancellable parameter is not used. */
if (!ostree_sysroot_upgrader_set_origin (upgrader, origin, NULL, error))
goto out;
}
}
{ g_auto(GLnxConsoleRef) console = { 0, };
glnx_console_lock (&console);
if (console.is_tty)
progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console);
if (opt_allow_downgrade)
upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER;
if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags,
progress, &changed,
cancellable, error))
goto out;
if (progress)
ostree_async_progress_finish (progress);
}
if (!changed)
{
g_print ("No update available.\n");
}
else
{
if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error))
goto out;
if (opt_reboot)
{
if (!ot_admin_execve_reboot (sysroot, error))
goto out;
}
}
ret = TRUE;
out:
return ret;
}
gboolean
ot_admin_builtin_status (int argc, char **argv, GCancellable *cancellable, GError **error)
{
g_autoptr(GOptionContext) context = NULL;
glnx_unref_object OstreeSysroot *sysroot = NULL;
gboolean ret = FALSE;
glnx_unref_object OstreeRepo *repo = NULL;
OstreeDeployment *booted_deployment = NULL;
g_autoptr(GPtrArray) deployments = NULL;
const int is_tty = isatty (1);
const char *red_bold_prefix = is_tty ? "\x1b[31m\x1b[1m" : "";
const char *red_bold_suffix = is_tty ? "\x1b[22m\x1b[0m" : "";
guint i;
context = g_option_context_new ("List deployments");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
&sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error))
goto out;
deployments = ostree_sysroot_get_deployments (sysroot);
booted_deployment = ostree_sysroot_get_booted_deployment (sysroot);
if (deployments->len == 0)
{
g_print ("No deployments.\n");
}
else
{
for (i = 0; i < deployments->len; i++)
{
OstreeDeployment *deployment = deployments->pdata[i];
GKeyFile *origin;
const char *ref = ostree_deployment_get_csum (deployment);
OstreeDeploymentUnlockedState unlocked = ostree_deployment_get_unlocked (deployment);
g_autofree char *version = version_of_commit (repo, ref);
glnx_unref_object OstreeGpgVerifyResult *result = NULL;
GString *output_buffer;
guint jj, n_signatures;
GError *local_error = NULL;
origin = ostree_deployment_get_origin (deployment);
g_print ("%c %s %s.%d\n",
deployment == booted_deployment ? '*' : ' ',
ostree_deployment_get_osname (deployment),
ostree_deployment_get_csum (deployment),
ostree_deployment_get_deployserial (deployment));
if (version)
g_print (" Version: %s\n", version);
switch (unlocked)
{
case OSTREE_DEPLOYMENT_UNLOCKED_NONE:
break;
default:
g_print (" %sUnlocked: %s%s\n", red_bold_prefix,
ostree_deployment_unlocked_state_to_string (unlocked),
red_bold_suffix);
}
if (!origin)
g_print (" origin: none\n");
else
{
g_autofree char *origin_refspec = g_key_file_get_string (origin, "origin", "refspec", NULL);
if (!origin_refspec)
g_print (" origin: <unknown origin type>\n");
else
g_print (" origin refspec: %s\n", origin_refspec);
}
if (deployment_get_gpg_verify (deployment, repo))
{
/* Print any digital signatures on this commit. */
result = ostree_repo_verify_commit_ext (repo, ref, NULL, NULL,
cancellable, &local_error);
/* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */
if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
{
g_clear_error (&local_error);
continue;
}
else if (local_error != NULL)
{
g_propagate_error (error, local_error);
goto out;
}
output_buffer = g_string_sized_new (256);
n_signatures = ostree_gpg_verify_result_count_all (result);
for (jj = 0; jj < n_signatures; jj++)
{
ostree_gpg_verify_result_describe (result, jj, output_buffer, " GPG: ",
OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT);
}
g_print ("%s", output_buffer->str);
g_string_free (output_buffer, TRUE);
}
}
}
ret = TRUE;
out:
return ret;
}
gboolean
ostree_builtin_admin (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
const char *subcommand_name = NULL;
OstreeAdminCommand *subcommand;
gs_free char *prgname = NULL;
int in, out;
/*
* Parse the global options. We rearrange the options as
* necessary, in order to pass relevant options through
* to the commands, but also have them take effect globally.
*/
for (in = 1, out = 1; in < argc; in++, out++)
{
/* The non-option is the command, take it out of the arguments */
if (argv[in][0] != '-')
{
if (subcommand_name == NULL)
{
subcommand_name = argv[in];
out--;
continue;
}
}
else if (g_str_equal (argv[in], "--"))
{
break;
}
argv[out] = argv[in];
}
argc = out;
subcommand = admin_subcommands;
while (subcommand->name)
{
if (g_strcmp0 (subcommand_name, subcommand->name) == 0)
break;
subcommand++;
}
if (!subcommand->name)
{
GOptionContext *context;
gs_free char *help;
context = ostree_admin_option_context_new_with_commands ();
/* This will not return for some options (e.g. --version). */
if (ostree_admin_option_context_parse (context, NULL, &argc, &argv, NULL, cancellable, error))
{
if (subcommand_name == NULL)
{
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"No \"admin\" subcommand specified");
}
else
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_SUPPORTED,
"Unknown \"admin\" subcommand '%s'", subcommand_name);
}
}
help = g_option_context_get_help (context, FALSE, NULL);
g_printerr ("%s", help);
g_option_context_free (context);
goto out;
}
prgname = g_strdup_printf ("%s %s", g_get_prgname (), subcommand_name);
g_set_prgname (prgname);
if (!subcommand->fn (argc, argv, cancellable, error))
goto out;
ret = TRUE;
out:
return ret;
}
gboolean
ot_admin_builtin_upgrade (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
g_autoptr(GOptionContext) context = g_option_context_new ("");
g_autoptr(OstreeSysroot) sysroot = NULL;
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
invocation, &sysroot, cancellable, error))
return FALSE;
if (opt_pull_only && opt_deploy_only)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Cannot simultaneously specify --pull-only and --deploy-only");
return FALSE;
}
else if (opt_pull_only && opt_reboot)
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
"Cannot simultaneously specify --pull-only and --reboot");
return FALSE;
}
g_autoptr(OstreeSysrootUpgrader) upgrader =
ostree_sysroot_upgrader_new_for_os (sysroot, opt_osname,
cancellable, error);
if (!upgrader)
return FALSE;
g_autoptr(GKeyFile) origin = ostree_sysroot_upgrader_dup_origin (upgrader);
if (origin != NULL)
{
gboolean origin_changed = FALSE;
if (opt_override_commit != NULL)
{
/* Override the commit to pull and deploy. */
g_key_file_set_string (origin, "origin",
"override-commit",
opt_override_commit);
origin_changed = TRUE;
}
else
{
/* Strip any override-commit from the origin file so
* we always upgrade to the latest available commit. */
origin_changed = g_key_file_remove_key (origin, "origin",
"override-commit", NULL);
}
/* Should we consider requiring --discard-hotfix here? */
origin_changed |= g_key_file_remove_key (origin, "origin", "unlocked", NULL);
if (origin_changed)
{
/* XXX GCancellable parameter is not used. */
if (!ostree_sysroot_upgrader_set_origin (upgrader, origin, NULL, error))
return FALSE;
}
}
gboolean changed;
OstreeSysrootUpgraderPullFlags upgraderpullflags = 0;
if (opt_deploy_only)
upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_SYNTHETIC;
{ g_auto(GLnxConsoleRef) console = { 0, };
glnx_console_lock (&console);
g_autoptr(OstreeAsyncProgress) progress = NULL;
if (console.is_tty)
progress = ostree_async_progress_new_and_connect (ostree_repo_pull_default_console_progress_changed, &console);
if (opt_allow_downgrade)
upgraderpullflags |= OSTREE_SYSROOT_UPGRADER_PULL_FLAGS_ALLOW_OLDER;
if (!ostree_sysroot_upgrader_pull (upgrader, 0, upgraderpullflags,
progress, &changed,
cancellable, error))
{
/* In the pull-only case, we do a cleanup here to ensure that if
* multiple commits were pulled, we garbage collect any old
* partially-pulled intermediate commits before pulling more. This is
* really a best practice in general, but for maximum compatiblity, we
* only do cleanup if a user specifies the new --pull-only option.
* Otherwise, we would break the case of trying to deploy a commit that
* isn't directly referenced.
*/
if (opt_pull_only)
(void) ostree_sysroot_cleanup (sysroot, NULL, NULL);
return FALSE;
}
if (progress)
ostree_async_progress_finish (progress);
}
if (!changed)
{
g_print ("No update available.\n");
}
else
{
if (!opt_pull_only)
{
if (!ostree_sysroot_upgrader_deploy (upgrader, cancellable, error))
return FALSE;
}
if (opt_reboot)
{
if (!ot_admin_execve_reboot (sysroot, error))
return FALSE;
}
}
return TRUE;
}
gboolean
ot_admin_builtin_status (int argc, char **argv, OstreeCommandInvocation *invocation, GCancellable *cancellable, GError **error)
{
const int is_tty = isatty (1);
const char *red_bold_prefix = is_tty ? "\x1b[31m\x1b[1m" : "";
const char *red_bold_suffix = is_tty ? "\x1b[22m\x1b[0m" : "";
g_autoptr(GOptionContext) context = g_option_context_new ("");
g_autoptr(OstreeSysroot) sysroot = NULL;
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_UNLOCKED,
invocation, &sysroot, cancellable, error))
return FALSE;
g_autoptr(OstreeRepo) repo = NULL;
if (!ostree_sysroot_get_repo (sysroot, &repo, cancellable, error))
return FALSE;
g_autoptr(GPtrArray) deployments = ostree_sysroot_get_deployments (sysroot);
OstreeDeployment *booted_deployment = ostree_sysroot_get_booted_deployment (sysroot);
g_autoptr(OstreeDeployment) pending_deployment = NULL;
g_autoptr(OstreeDeployment) rollback_deployment = NULL;
if (booted_deployment)
ostree_sysroot_query_deployments_for (sysroot, NULL, &pending_deployment,
&rollback_deployment);
if (deployments->len == 0)
{
g_print ("No deployments.\n");
}
else
{
for (guint i = 0; i < deployments->len; i++)
{
OstreeDeployment *deployment = deployments->pdata[i];
const char *ref = ostree_deployment_get_csum (deployment);
/* Load the backing commit; shouldn't normally fail, but if it does,
* we stumble on.
*/
g_autoptr(GVariant) commit = NULL;
(void)ostree_repo_load_variant (repo, OSTREE_OBJECT_TYPE_COMMIT, ref,
&commit, NULL);
g_autoptr(GVariant) commit_metadata = NULL;
if (commit)
commit_metadata = g_variant_get_child_value (commit, 0);
const char *version = NULL;
const char *source_title = NULL;
if (commit_metadata)
{
(void) g_variant_lookup (commit_metadata, OSTREE_COMMIT_META_KEY_VERSION, "&s", &version);
(void) g_variant_lookup (commit_metadata, OSTREE_COMMIT_META_KEY_SOURCE_TITLE, "&s", &source_title);
}
GKeyFile *origin = ostree_deployment_get_origin (deployment);
const char *deployment_status = "";
if (deployment == pending_deployment)
deployment_status = " (pending)";
else if (deployment == rollback_deployment)
deployment_status = " (rollback)";
g_print ("%c %s %s.%d%s\n",
deployment == booted_deployment ? '*' : ' ',
ostree_deployment_get_osname (deployment),
ostree_deployment_get_csum (deployment),
ostree_deployment_get_deployserial (deployment),
deployment_status);
if (version)
g_print (" Version: %s\n", version);
OstreeDeploymentUnlockedState unlocked = ostree_deployment_get_unlocked (deployment);
switch (unlocked)
{
case OSTREE_DEPLOYMENT_UNLOCKED_NONE:
break;
default:
g_print (" %sUnlocked: %s%s\n", red_bold_prefix,
ostree_deployment_unlocked_state_to_string (unlocked),
red_bold_suffix);
}
if (!origin)
g_print (" origin: none\n");
else
{
g_autofree char *origin_refspec = g_key_file_get_string (origin, "origin", "refspec", NULL);
if (!origin_refspec)
g_print (" origin: <unknown origin type>\n");
else
g_print (" origin refspec: %s\n", origin_refspec);
if (source_title)
g_print (" `- %s\n", source_title);
}
if (deployment_get_gpg_verify (deployment, repo))
{
g_autoptr(GString) output_buffer = g_string_sized_new (256);
/* Print any digital signatures on this commit. */
g_autoptr(GError) local_error = NULL;
g_autoptr(OstreeGpgVerifyResult) result =
ostree_repo_verify_commit_ext (repo, ref, NULL, NULL,
cancellable, &local_error);
/* G_IO_ERROR_NOT_FOUND just means the commit is not signed. */
if (g_error_matches (local_error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND))
{
g_clear_error (&local_error);
continue;
}
else if (local_error != NULL)
{
g_propagate_error (error, g_steal_pointer (&local_error));
return FALSE;
}
const guint n_signatures = ostree_gpg_verify_result_count_all (result);
for (guint jj = 0; jj < n_signatures; jj++)
{
ostree_gpg_verify_result_describe (result, jj, output_buffer, " GPG: ",
OSTREE_GPG_SIGNATURE_FORMAT_DEFAULT);
}
g_print ("%s", output_buffer->str);
}
}
}
return TRUE;
}
gboolean
ot_admin_builtin_undeploy (int argc, char **argv, GCancellable *cancellable, GError **error)
{
gboolean ret = FALSE;
GOptionContext *context;
gs_unref_object OstreeSysroot *sysroot = NULL;
const char *deploy_index_str;
int deploy_index;
gs_unref_ptrarray GPtrArray *current_deployments = NULL;
gs_unref_object OstreeDeployment *booted_deployment = NULL;
gs_unref_object OstreeDeployment *target_deployment = NULL;
context = g_option_context_new ("INDEX - Delete deployment INDEX");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
if (argc < 2)
{
ot_util_usage_error (context, "INDEX must be specified", error);
goto out;
}
if (!ostree_sysroot_load (sysroot, cancellable, error))
goto out;
current_deployments = ostree_sysroot_get_deployments (sysroot);
deploy_index_str = argv[1];
deploy_index = atoi (deploy_index_str);
target_deployment = ot_admin_get_indexed_deployment (sysroot, deploy_index, error);
if (!target_deployment)
goto out;
if (target_deployment == ostree_sysroot_get_booted_deployment (sysroot))
{
g_set_error (error, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
"Cannot undeploy currently booted deployment %i", deploy_index);
goto out;
}
g_ptr_array_remove_index (current_deployments, deploy_index);
if (!ostree_sysroot_write_deployments (sysroot, current_deployments,
cancellable, error))
goto out;
g_print ("Deleted deployment %s.%d\n", ostree_deployment_get_csum (target_deployment),
ostree_deployment_get_deployserial (target_deployment));
if (!ostree_sysroot_cleanup (sysroot, cancellable, error))
{
g_prefix_error (error, "Performing final cleanup: ");
goto out;
}
ret = TRUE;
out:
if (context)
g_option_context_free (context);
return ret;
}
