Releases: ostreedev/ostree

2024.1

21 Jan 16:02

New features

There are two major new APIs around configuring mutability and persistence of the root filesystem.

First, OSTree gained support for a new root.transient flag that makes / an overlayfs that is persistent across reboots but not across upgrades. This makes the system behave a bit more similarly to e.g. Docker and following tools such as podman and Kubernetes.

There is a different approach in the (still classified as experimental) [email protected] unit:

This approach instead allows operating systems or downstream builders to choose to apply persistent merge semantics to specific targeted directories (e.g. /opt).

Notable bugfixes

  • prepare-root: Fix composefs + ostree admin unlock --hotfix compat by @cgwalters in #3129
  • lib/deploy: Round to block size in early prune space check by @jlebon in #3130

Other misc changes

New Contributors

Full Changelog: v2023.8...v2024.1

2023.8

06 Dec 16:13

This release stabilizes "deployment finalization locking" which
is very useful for automatic update workflows.

  • sysroot: Stabilize deployment finalization, add API by @cgwalters in #3090

There's a new post-copy command which may be useful for build
systems that generate a filesystem tree outside of ostree:

The commit logic started using reflinks (if available) which
can be a big speedup.

System root and bootloader:

Finally, ostree now ships a tmpfiles.d fragment which copies from /usr/share/factory/var to /var
by default:

v2023.7

20 Oct 16:47

A variety of things here. I think the new support for a "transient etc"
will be appreciated in many places. Note that to work with SELinux
the build system side needs to ensure the labels on /usr/etc match /etc.

Another important change is that the ostree HTTP layer now retries requests
by default; this closes a very longstanding RFE.

Also on the pull side, a longstanding bug was fixed where we'd still
try to fetch "loose" objects even when we were doing a delta pull.

There's a variety of clang-analyzer fixes (some false positives, some real
memory leaks, etc).

Even more in the below log; thanks to all contributors!

What's Changed

New Contributors

Full Changelog: v2023.6...v2023.7

2023.6

25 Aug 15:17

signing: ed25519 can now be backed by openssl

If ostree is compiled with OpenSSL support (as it is on e.g. Fedora derivatives), this also enables an OpenSSL-backed implementation of the ed25519 signature support. Previously, this required libsodium - which can still be used if desired instead of openssl.

composefs changes

Now enabled at build time (but disabled at runtime) by default

On systems with sufficiently new glibc and fsverity, ostree enables support for composefs at build time. It continues to be disabled by default at runtime.

composefs now supports signature verification

There is support for an "initramfs root binding key" that can be injected into the initramfs, and used to verify the ostree commit (including its embedded composefs checksum). One suggested model is to follow how e.g. Fedora signs kernel modules with a transient throwaway key. For more, please see the ostree/composefs doc.

Note that composefs continues to be classified as experimental.

Configuration format has changed

The old ot-composefs kernel argument is no longer honored; it is replaced by a configuration file that should be present in the initramfs.

ostree-prepare-root other changes

  • A new configuration file in the initramfs is honored: /etc/ostree/prepare-root.conf
  • This configuration file can also specify the readonly-sysroot default, which is now recommended
  • Improved Android Boot support
  • The sysroot.readonly flag can now also be configured from here, and this is recommended
  • /run/ostree-booted is now non-empty, and contains serialized state (this is an implementation detail)
  • Several preparatory code cleanups for other changes
  • ostree-prepare-root has a new man page which documents the previous state, along with the above
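The composefs signature verification and `/etc/ostree/prepare-root.conf` settings described above can be checked before an initramfs is shipped. The following is an added example, not code from the ostree project: the sample files are constructed, and the `composefs.enabled` key with its `yes`/`no`/`maybe`/`signed` values is assumed from the ostree-prepare-root man page rather than taken from these notes.

```python
import configparser

# Constructed samples of /etc/ostree/prepare-root.conf (not from a real system).
WEAK = """\
[composefs]
enabled = maybe
"""

HARDENED = """\
[sysroot]
readonly = true

[composefs]
enabled = signed
"""

# Assumed from ostree-prepare-root(1): composefs.enabled takes yes/no/maybe/signed.
COMPOSEFS_NOTES = {
    "no": "composefs is disabled at runtime",
    "maybe": "composefs is optional: boot does not fail when it is unavailable",
    "yes": "composefs is enabled without signature verification of the commit",
}


def audit_prepare_root(text):
    """Return (key, message) findings for a prepare-root.conf body."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    findings = []

    # Release notes: composefs stays disabled at runtime unless configured.
    mode = cp.get("composefs", "enabled", fallback="no").strip().lower()
    if mode in COMPOSEFS_NOTES:
        findings.append(("composefs.enabled", COMPOSEFS_NOTES[mode]))
    elif mode != "signed":
        findings.append(("composefs.enabled", f"unrecognised value {mode!r}"))

    # sysroot.readonly defaults to true when composefs is enabled
    # ("prepare-root: Default sysroot.readonly=true if composefs"); treating
    # "maybe" as not guaranteeing that default is this example's assumption.
    raw = cp.get("sysroot", "readonly", fallback=None)
    if raw is None:
        readonly = mode in ("yes", "signed")
    else:
        readonly = raw.strip().lower() == "true"
    if not readonly:
        findings.append(("sysroot.readonly", "read-only sysroot is not enabled here"))
    return findings


if __name__ == "__main__":
    for name, body in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_prepare_root(body) or "no findings")
```

An empty result means the file requests a signed composefs root and a read-only sysroot; it does not confirm that a public key is actually present in the initramfs.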

ostree admin set-default

A long-overdue CLI verb to change the default deployment for the next boot.

sysroot other bugfixes and changes

  • It is now supported to have /usr/etc with an empty /etc. This is preparatory for supporting a transient /etc.
  • Finally fixed the global sync timeout at shutdown
  • Increased verbosity of changes
  • ostree admin deploy now honors --stateroot as we prefer that term over --os

trivial-httpd

The remnants of the deprecated ostree trivial-httpd CLI are now completely gone.

Alexander Larsson (8):
      tests: Fix composefs test
      sign-ed25519: Drop some uses of libsodium
      sign-ed25519: Implement sign and verify using openssl
      CI: Enable --with-crypto=openssl on debian testing to test openssl signatures
      libotutil: Link to crypto libs
      ostree-prepare-root: Validate ed25519 signatures when requested
      Read composefs configuration from initrd instead of commandline
      prepare-root: Only support base64 formated public key files

Colin Walters (84):
      tests/transactionality: Port a bit to xshell
      tests: Drop unused alias
      tests: Enable mtime test
      docs: Update user and group section
      Separate prepare-root static path
      prepare-root: Link to glib
      configure: post-release version bump
      Drop "ostree trivial-httpd" CLI, move to tests directory
      fetcher: Always open tmpfiles in repo (except on FUSE)
      show: Add --print-hex
      build-sys: Add libsodium to OT_DEP_CRYPTO
      Factor out a libotcore
      build: Drop `make syntax-check`
      Add an internal constant for the composefs image name
      prepare-root: Use otutil and g_print
      prepare-root: Drop unused verity flag querying
      sysroot: Add some error prefixing for bootversion
      prepare-root: Use constant for ed25519 signature
      prepare-root: Add metadata for composefs to `/run/ostree-booted`
      remount: Don't overwrite /run/ostree-booted
      remount: Use new metadata in `/run/ostree-booted` for composefs
      prepare-root: Drop dead `pivot_root` code
      Use /run/ostree-booted metadata for sysroot-ro state passing
      man: Add ostree-prepare-root
      mount: Fix gcc -fanalyzer warning for parsing androidboot.slot_suffix
      build-sys: Enable composefs at *build time* by default
      prepare-root: Refactor composefs config handling
      commit: Add `--sign-from-file`
      tests: Remove dead references to "SEED"
      sign-ed25519: More verbose errors for invalid length
      sign-ed25519: Add some comments for data structure
      sign-ed25519: Don't set sk unless we've validated it
      generator: Deduplicate ostree= karg parsing
      prepare-root: Drop code mounting `/proc`
      prepare-root: Drop more dead code
      Add an always-on `inode64` feature
      composefs: Use lowerdir in /run
      generator: Stop creating `/run/ostree-booted`
      src/generator: Move all logic into libostree-1.so
      kernel-args: Move private functions out of public header
      sysroot: Add a bit more error prefixing
      repo: Clarify when we fail to parse a remote
      prepare-root: Introduce `ostree/prepare-root.conf`
      prepare-root: Default sysroot.readonly=true if composefs
      prepare-root: Don't parse target root when composefs enabled
      tree-wide: Consistently `(void)g_variant_lookup()`
      core, switchroot: Harden a bit against `g_variant_get_data() == NULL`
      checksum-utils: Add an assertion that `buf != NULL`
      deploy: Be way more verbose about what we're doing
      tests/destructive: Turn off global sync()
      deploy: Support an empty `/etc` and populated `/usr/etc`
      composefs: Only call `_get_symlink_target()` on symlinks
      os-init: Create a mount namespace
      Add `admin set-default`
      More fully drop `trivial-httpd` entrypoint
      deploy: Fix mutex locking for global sync timeout
      README.md: Drop dead mailing list, link to GH discussions
      prepare-root: Use declare-and-initialize
      prepare-root: Check for empty string, not strlen > 0
      prepare-root: Use ptrarray, not linked list
      switchroot,generator: Only read /proc/cmdline once
      deploy: Add some error prefixing
      prepare-root: Minor clarifications
      repo: Bump lock timeout to 5 minutes
      Add `ostree admin stateroot-init` as alias for `os-init`
      admin-deploy: Add `--stateroot` as alias for `--os`
      admin: Port to c99 style
      remote-add: Port to c99 style
      lzma: Port to C99 style
      checkout: Port to C99 style
      cli/set-origin: Port to C99 style
      tests/destructive: Port more to xshell
      build-sys: Disable composefs on too-old Linux headers
      tests: Add otcore unit tests
      tests/inst: Update to latest ostree-ext
      cmd/init: Port to C99 style
      cmd/grub2-generate: Port to C99 style
      Move prepare-root karg helpers into otcore, add unit tests
      deploy: Add bootloader-naming-2 opt-init
      ci: Add c9s build
      build-sys: Look for both linux/mount.h and sys/mount.h
      build-sys: Really fix composefs check
      Release 2023.6
      configure: post-release version bump

Eric Curtin (6):
      android-boot: Remove dependency on ostree= karg, use androidboot.slot_suffix=
      Remove steal_pointer and steal_pointer_impl as we link in glib now
      bootloader: fold all Android Bootloader specific logic into prepare-root
      prepare-root: On a non-A/B androidboot system, boot system slot a
      prepare-root: Changes made to find_proc_cmdline_key
      prepare-root: If composefs is configured as "maybe" don't fail

dependabot[bot] (5):
      build(deps): bump composefs from `412cb5e` to `ac729b5`
      build(deps): bump composefs from `ac729b5` to `1704f82`
      build(deps): bump libglnx from `07e3e49` to `c02eb59`
      build(deps): bump composefs from `1704f82` to `a6e827d`
      build(deps): bump composefs from `a6e827d` to `1aed878`

samcday (1):
      docs: update boot loader spec link

2023.5

30 Jun 19:14

This is a bugfix release for the recent 2023.4.

Key bugs fixed

  • Revert "fetcher: Always open tmpfiles in repo location" by @cgwalters in #2901
  • Fix return value of generator on non-ostree systems by @cgwalters in #2911

Other changes

Full Changelog: v2023.4...v2023.5

2023.4

20 Jun 17:27

Notable bugfixes

  • commit: fix ostree deployment on 64-bit inode fs by @aospan in #2874

This is a simple patch that is a candidate for backporting to e.g. stable distribution/OS versions of ostree.

New features

composefs

See the documentation.

ostree=aboot for Android Boot

HTTP/pull fixes

  • ostree-fetcher-curl: explicitly use HTTP1.1 when HTTP2 is disabled by @daissi in #2886
  • Increase the metadata size limit to 128MB by @barthalion in #2865
  • fetcher: Always open tmpfiles in repo location by @cgwalters in #2875

Other changes

New Contributors

Full Changelog: v2023.3...v2023.4

2023.3

18 May 23:39

Release 2023.3

NOTE: As usual, some of these commits are actually for the Rust bindings,
which are versioned and released separately.

Colin Walters (14):
      configure: post-release version bump
      treegen: Require at least one mutation
      ci: Turn off errors for deprecated-declarations
      ci: Drop workaround for fedora-release-container
      rust: Bump MSRV to 1.64
      build-sys: Squash automake conditional warning re `.PHONY`
      Add clang formatting infrastructure
      lib: clang-format `ostree.h`
      tree-wide: Fix various include ordering issues
      lib: Fix one include
      clang-format: Don't align backslashes
      tree-wide: Run clang-format
      ci: Validate clang-format
      tests/inst: Add xshell and use it in one place

Dan Nicholson (3):
      tests: Ensure real GIO backends aren't used
      ci: Add test configuration with soup3
      fetcher/soup3: Rewrite without threads

Daniel Kolesa (1):
      fetcher: add libsoup3 backend

Jonathan Lebon (10):
      lib/sysroot-cleanup: Convert bootdir listing to dfd-relative
      lib/sysroot-cleanup: Make some static utility functions global
      lib/sysroot-cleanup: Drop dead code
      lib/sysroot-cleanup: Factor out bootfs cleanup
      lib/sysroot-cleanup: Make bootfs cleanup function global
      libotutil: add utility functions for calculating directory size
      lib/sysroot-deploy: Nuke `finalize-failure.stamp` on successful finalization
      tests/kola: delete unused .gitignore
      tests/kolainst: Add `make localinstall`
      lib/sysroot-deploy: Add experimental support for automatic early prune

Joseph Marrero (2):
      Release 2023.3
      configure: post-release version bump

Philip Withnall (1):
      lib/fetcher: Add some debugging messages to the libsoup request path

Full Changelog: v2023.2...v2023.3

2023.2

22 Mar 17:14

Release 2023.2

NOTE: As usual, some of these commits are actually for the Rust bindings,
which are versioned and released separately.

Though speaking of bindings in general,
there's a lot of cleanup that landed to the annotations around
nullability in general, which should improve ergonomics. These
changes will be reflected in a future release of the Rust bindings
specifically too.

Otherwise, we have some small tweaks and improvements in various places,
from a performance improvement in commits to test suite fixes.

A notable thing that landed here is fixes for recent GLibs introducing
warnings around unset standard::size.

Thanks to all contributors!

Colin Walters (18):
      Add `sysroot.bootprefix` option
      deploy: Use `semodule --refresh` if available
      configure: post-release version bump
      Release rust/ bindings 0.17.1
      rust-bindings: Regenerate for 2023.1
      rust-bindings: `Sysroot` is `Send`
      itest-pull-space: Use mkfs.ext4, align to at least 512b
      tests: Set size on fileinfo
      Enable `trust_return_value_nullability`
      Add docs and fix annotations for ostree-repo-file.c
      rust: Bump semver
      lib: Fix two nullable annotations
      repo: Fix nullability for remote options
      rust: Renerate bindings
      Revert "repo: Fix nullability for remote options"
      rust-bindings: Regenerate
      Release 2023.2
      configure: post-release version bump

Corentin Noël (3):
      build: Do not include private headers in the introspection
      libostree: Ignore new_and_connect in the introspection
      libostree: Enhance the annotation coverage

Evan Anderson (1):
      core: Ensure glib standard::size attribute is always set

Jonathan Lebon (1):
      ci: update for new kolaTestIso()

Philip Withnall (1):
      lib/fetcher-util: Wake up main context when a request is complete

Seppo Yli-Olli (1):
      Increase buffer size for create_regular_tmpfile_linkable_with_content

Simon McVittie (5):
      tests: Ensure non-root users have access to libcap tools
      ostree_raw_file_to_content_stream: Make size default to 0
      _ostree_zlib_file_header_new: Default size to 0
      write_content_object: Don't assume file info has standard::size
      Use g_steal_fd() in preference to glnx_steal_fd()

Timothée Ravier (1):
      docs: Use upstream theme & update to 0.4.1

dependabot[bot] (1):
      build(deps): bump libglnx from `4e44fd9` to `07e3e49`

New Contributors

Full Changelog: v2023.1...v2023.2

2023.1

17 Feb 18:05

What's Changed

New Contributors

Full Changelog: v2022.7...v2023.1

v2022.7

23 Nov 17:59

(Some of these commits are actually only for the Rust bindings;
will try to enhance the release flow to more clearly filter
those out)

On the feature front, there's new APIs for idempotent delete operations on
kernel arguments, and for handling unshare() to
manipulate (otherwise) read-only sysroot.

A few very small memory leak fixes.

Many people will be happy that we now retry HTTP requests after
receiving HTTP 500 errors.

There's a notable bugfix avoiding rebuilding SELinux policy
when creating a first deployment.

Thanks to all contributors!

Colin Walters (18):
      Remove readdir-rand
      deploy: Don't rebuild selinux policy on first deployment
      ci: Bump memory for ISO testing flow
      rust: Update to cap-std 1.0
      rust: Drop `openat` dependency
      ci: Fix case where cosa != buildroot
      rust: Update to gio 0.16
      repo: Avoid potential double unwind when writing panic value
      Allow missing docs on two `glib::wrapper` functions
      sysroot: Add an API to initialize with mountns
      rust: Regenerate with latest gir and C sources
      tests/inst: Update to latest ostree-ext
      tests/inst: Drop nix dependency
      tests/inst: Update cap-std-ext to 1.0
      tests/inst: Update sh-inline
      tests: Require OSTREE_TEST_SUDO to be set to use `sudo`
      ci: Add a flow that combines C build and Rust integration tests
      Release 2022.7

Jonathan Lebon (4):
      ci: Bump memory request, use fcosKolaTestIso
      ci: Drop unnecessary outer stage
      ci: Use new names for custom kola steps
      ci: bump cosaPod memory requirement to 5Gi

Luca BRUNO (20):
      configure: post-release version bump
      lib/repo-checkout: fix typo in error message
      lib/bootloader-zipl: check for errors when opening initrd
      lib/static-delta: document and check parameters format
      rust/tests: fix static delta generation testcase
      lib/sign-ed25519: convert invariant checks to assertions
      rust: regenerate bindings after latest release (2022.6)
      ostree: manually patch generated files
      rust: update manual helpers
      ci/rust: bump linting toolchain to latest stable (1.64)
      lib/repo-refs: properly return an error value
      rust: update pinned gir tool to 0.15
      rust/ostree-sys: regenerate for gtk-rs 0.15
      rust/ostree: regenerate for gtk-rs 0.15
      ci/rust: test from git using latest feature
      cargo: prepare ostree 0.16.0 and ostree-sys 0.11.0
      copr: only use libostree tags
      ci: adjust git tags filtering
      cargo: bump minimum Rust version to 1.63
      ostree: manually patch generated files

Manuel Stühn (1):
      Add test for generating static delta to file

Philip Withnall (4):
      ot-builtin-commit: Fix a typo in a command line help string
      ot-builtin-commit: Don’t mention a C function name in a help string
      lib/pull: Fix a small leak when a variable is reused
      ot-builtin-pull: Fix a minor leak with progress reporting

Rafael Garcia Ruiz (2):
      ostree_kernel_args_contains for OstreeKernelArgs
      Idempotent delete operation for  OstreeKernelArgs

Ricardo Noriega (2):
      Enabling retry for HTTP 500 internal server error
      Add tests for cases under random 500s

Simon McVittie (2):
      readdir-rand: Copy full size of struct dirent
      Replace calls to g_memdup() with g_memdup2()

dependabot[bot] (2):
      build(deps): bump libglnx from `26375b5` to `e701578`
      build(deps): bump libglnx from `e701578` to `4e44fd9`

Git-EVTag-v0-SHA512: 9cbc7a178f1cc0dbda25ea1af5f9d4991f41c28768826c44cf2d42333c0677b22daaef6532eb075931f6c5622947780daaa1ec4a5fc64e2adef230feaed372c7