Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

prepare-root: Add support for root.transient #3114

Merged
merged 3 commits into from
Dec 8, 2023

Commits on Dec 7, 2023

  1. sysroot: Drop unused prototype

    This function doesn't exist anymore.
    cgwalters committed Dec 7, 2023
    Configuration menu
    Copy the full SHA
    6cb15c3 View commit details
    Browse the repository at this point in the history
  2. prepare-root: Add an autofree

    This doesn't matter at all, but I just noticed this while working
    on the code.
    cgwalters committed Dec 7, 2023
    Configuration menu
    Copy the full SHA
    59cdd61 View commit details
    Browse the repository at this point in the history
  3. prepare-root: Add support for root.transient

    Closes: ostreedev#3113
    
    It'd greatly improve compatibility with things like RPMs that install
    in `/opt` if we supported a full "original docker" style model where
    `/` is a transient overlayfs.  We'd still keep our semantics for `/etc`
    and `/var` by default, but e.g. we'd stop recommending
    `/opt` ➡️ `/var/opt`, in this model,
    so `/opt` would be on the overlayfs.
    
    Note this all aligns with composefs, where we'd actually be making
    `/` a *read-only* overlayfs by default; it'd be really nice of course
    to *implement* this by just making the composefs overlayfs writable,
    but I am not sure we can hard require composefs for this right now.
    
    So this change adds support for `root.transient = true`
    in `/usr/lib/ostree/prepare-root.conf`.
    
    The major downside is that people could be surprised if files they
    write to e.g. `/opt` don't persist across upgrades.  But, that's
    already again how it works since Docker started.
    
    Note as part of the implementation of this, we need to add a whole
    new "backing" directory distinct from the deployment directories.
    
    (Tangentially related to this, it's tempting to switch to always
     using a *read-only* overlay mount by default.
    cgwalters committed Dec 7, 2023
    Configuration menu
    Copy the full SHA
    8fbaeba View commit details
    Browse the repository at this point in the history