Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core: also wrap kernel-install for scriptlets #4950

Merged
merged 2 commits into from
May 8, 2024
Merged

core: also wrap kernel-install for scriptlets #4950

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
32fd7a0
ci/test-container: move URL definitions to the top
jlebon May 7, 2024
2a8017c
core: also wrap `kernel-install` for scriptlets
jlebon May 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 32 additions & 30 deletions ci/test-container.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,30 @@ fatal() {
exit 1
}

versionid=$(. /usr/lib/os-release && echo $VERSION_ID)

# Test overrides
case $versionid in
40)
ignition_url_suffix=2.16.2/2.fc39/x86_64/ignition-2.16.2-2.fc39.x86_64.rpm
# 2.15.0-3
koji_ignition_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2158585"
koji_kernel_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2435097"
kver=6.8.5
krev=300
;;
39)
ignition_url_suffix=2.16.2/1.fc39/x86_64/ignition-2.16.2-1.fc39.x86_64.rpm
# 2.15.0-3
koji_ignition_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2158585"
koji_kernel_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2294111"
kver=6.5.5
krev=300
;;
*) fatal "Unsupported Fedora version: $versionid";;
esac
IGNITION_URL=https://kojipkgs.fedoraproject.org//packages/ignition/$ignition_url_suffix

repodir=/usr/lib/coreos-assembler/tests/kola/rpm-ostree/destructive/data/rpm-repos/

cat >/etc/yum.repos.d/libtest.repo <<EOF
Expand Down Expand Up @@ -42,6 +66,11 @@ fi
rm "${origindir}/clienterror.yaml"
rpm-ostree ex rebuild

# test kernel installs *before* enabling cliwrap
rpm-ostree override replace $koji_kernel_url
# test that the new initramfs was generated
test -f /usr/lib/modules/${kver}-${krev}.fc${versionid}.x86_64/initramfs.img

rpm-ostree cliwrap install-to-root /

# Test a critical path package
Expand All @@ -52,34 +81,11 @@ test '!' -d /var/cache/rpm-ostree
rpm -e cowsay
if rpm -q cowsay; then fatal "failed to remove cowsay"; fi

versionid=$(. /usr/lib/os-release && echo $VERSION_ID)

# Test overrides
case $versionid in
40)
url_suffix=2.16.2/2.fc39/x86_64/ignition-2.16.2-2.fc39.x86_64.rpm
# 2.15.0-3
koji_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2158585"
koji_kernel_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2435097"
kver=6.8.5
krev=300
;;
39)
url_suffix=2.16.2/1.fc39/x86_64/ignition-2.16.2-1.fc39.x86_64.rpm
# 2.15.0-3
koji_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2158585"
koji_kernel_url="https://koji.fedoraproject.org/koji/buildinfo?buildID=2294111"
kver=6.5.5
krev=300
;;
*) fatal "Unsupported Fedora version: $versionid";;
esac
URL=https://kojipkgs.fedoraproject.org//packages/ignition/$url_suffix
# test replacement by URL
rpm-ostree override replace $URL
rpm-ostree override replace $IGNITION_URL
rpm-ostree override remove ignition
# test local RPM install
curl -Lo ignition.rpm $URL
curl -Lo ignition.rpm $IGNITION_URL
rpm-ostree install ignition.rpm
rpm -q ignition

Expand All @@ -88,7 +94,7 @@ dnf -y uninstall kexec-tools
if rpm -q kexec-tools; then fatal "failed to remove kexec-tools"; fi

# test replacement by Koji URL
rpm-ostree override replace $koji_url |& tee out.txt
rpm-ostree override replace $koji_ignition_url |& tee out.txt
n_downloaded=$(grep Downloading out.txt | wc -l)
if [[ $n_downloaded != 1 ]]; then
fatal "Expected 1 'Downloading', but got $n_downloaded"
Expand Down Expand Up @@ -118,10 +124,6 @@ rpm -q strace
rpm -q afterburn | grep g
rpm -q afterburn-dracut | grep g

rpm-ostree override replace $koji_kernel_url
# test that the new initramfs was generated
test -f /usr/lib/modules/${kver}-${krev}.fc${versionid}.x86_64/initramfs.img

# test --enablerepo --disablerepo --releasever
rpm-ostree --releasever=38 --disablerepo="*" \
--enablerepo=fedora install tmux
Expand Down
18 changes: 17 additions & 1 deletion rust/src/core.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,8 @@ const USERADD_PATH: &str = "usr/sbin/useradd";
const USERADD_WRAPPER: &[u8] = include_bytes!("../../src/libpriv/useradd-wrapper.sh");
const USERMOD_PATH: &str = "usr/sbin/usermod";
const USERMOD_WRAPPER: &[u8] = include_bytes!("../../src/libpriv/usermod-wrapper.sh");
const KERNEL_INSTALL_PATH: &str = "usr/bin/kernel-install";
const KERNEL_INSTALL_WRAPPER: &[u8] = include_bytes!("../../src/libpriv/kernel-install-wrapper.sh");

const RPMOSTREE_CORE_STAGED_RPMS_DIR: &str = "rpm-ostree/staged-rpms";

Expand Down Expand Up @@ -148,6 +150,7 @@ impl FilesystemScriptPrep {
(SYSTEMCTL_PATH, SYSTEMCTL_WRAPPER),
(USERADD_PATH, USERADD_WRAPPER),
(USERMOD_PATH, USERMOD_WRAPPER),
(KERNEL_INSTALL_PATH, KERNEL_INSTALL_WRAPPER),
];

fn saved_name(name: &str) -> String {
Expand Down Expand Up @@ -441,7 +444,7 @@ mod test {
// Replaced usermod.
{
let original_usermod = "original usermod";
d.atomic_write_with_perms(super::USERMOD_PATH, original_usermod, mode)?;
d.atomic_write_with_perms(super::USERMOD_PATH, original_usermod, mode.clone())?;
let contents = d.read_to_string(super::USERMOD_PATH)?;
assert_eq!(contents, original_usermod);
let mut g = super::prepare_filesystem_script_prep(d.as_raw_fd())?;
Expand All @@ -451,6 +454,19 @@ mod test {
let contents = d.read_to_string(super::USERMOD_PATH)?;
assert_eq!(contents, original_usermod);
}
// Replaced kernel-install.
{
let original_kernel_install = "original kernel_install";
d.atomic_write_with_perms(super::KERNEL_INSTALL_PATH, original_kernel_install, mode)?;
let contents = d.read_to_string(super::KERNEL_INSTALL_PATH)?;
assert_eq!(contents, original_kernel_install);
let mut g = super::prepare_filesystem_script_prep(d.as_raw_fd())?;
let contents = d.read_to_string(super::KERNEL_INSTALL_PATH)?;
assert_eq!(contents.as_bytes(), super::KERNEL_INSTALL_WRAPPER);
g.undo()?;
let contents = d.read_to_string(super::KERNEL_INSTALL_PATH)?;
assert_eq!(contents, original_kernel_install);
}
Ok(())
}

Expand Down
9 changes: 9 additions & 0 deletions src/libpriv/kernel-install-wrapper.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
#!/usr/bin/bash
# Used in the container layering path to make kernel replacements Just Work
# without having to enable cliwrap first. If cliwrap is enabled, then this will
# technically override the cliwrap wrapper, but the script is exactly the same.
# This wrapper is technically also installed when doing client-side layering,
# but we already ignore kernel scriptlets there anyway.
# See also https://github.com/coreos/rpm-ostree/issues/4949

exec /usr/bin/rpm-ostree cliwrap kernel-install "$@"
Loading