Copy in additional files before postprocessing #997
Conversation
|
Can one of the admins verify this patch?
|
|
While I'm thinking about this, I did backport this patch to the 2017.8 release and tested locally, and it works as advertised. |
|
Hi, thanks for the patch! There's a bigger picture issue here; see I swear there was another issue filed about this; I found #779 but that's not quite the same. Anyways I have a vague concern about compatibility here - could someone have been using |
|
There are tests in |
|
Well, you've read my mind. As I think I mentioned to you at Flock, I'm really interested in using this to run ansible locally. In my testing, I've managed to tar up my ansible playbooks, copy them across using add-files, and run them. I'm hitting some roadblocks in ansible (apparently the service and systemd modules don't like being unable to connect to systemd when enabling and disabling services), so I haven't actually managed to complete a compose yet, but, assuming rpm-ostree will commit after running the post script, it's working perfectly. The only situation that I thought of where add-files might need to happen after post was if it doesn't create any intermediate directories and the user needs to be manually do that in post. |
|
Just to clarify, for what I'm doing, I don't actually need network access when running the ansible scripts. |
|
Will look at this and tests for it after the next release. |
|
bot, add author to whitelist |
|
This breaks at least the current |
Hooray, it's dead (here, but not in ostree). Noticed this while working on <coreos#997>
Lots of confusion in the codebase about this. The basic problem is that in *most* cases, our code doesn't care; it's conceptually operating on `/usr/etc`, which we could maintain as `/etc` and just rename it back at the very end. The exceptions though are the `/etc/passwd` handling and livefs. And of course libostree needs to handle `/usr/etc` vs `/etc` for config merging. I considered trying to keep things the other way, but while I think we have some ugly added here in this patch for things where we need to maintain an external view (`remove-files` and `remove-from-packages`, and boy am I glad we had tests for those), this ends up being mostly more consistent elsewhere. One thing that might help is to maintain a fd for it; but that'd be an even more invasive change. This also ends up rolling in some unified core prep from coreos#940 in the form of `rename_if_exists()` - basically for some minimal rootfs we may not have `/boot`, or for that matter potentially even `etc`. Prep for coreos#997
|
OK, reworked this with a prep patch. Lifting WIP. |
| @@ -1442,6 +1450,12 @@ rpmostree_treefile_postprocessing (int rootfs_fd, | |||
| if (!glnx_shutil_rm_rf_at (rootfs_fd, val, cancellable, error)) | |||
| return FALSE; | |||
| } | |||
| if (len > 0) | |||
There was a problem hiding this comment.
But the array could be specified but empty, right? I'd just shove this whole loop with the pre and post /etc moves in the if statement itself.
src/libpriv/rpmostree-passwd-util.c
Outdated
| if (!glnx_fstatat_allow_noent (rootfs_dfd, "usr/etc", &stbuf, 0, error)) | ||
| return FALSE; | ||
| if (errno == ENOENT) | ||
| etc_path = "etc"; |
There was a problem hiding this comment.
But this should never happen, right? We've already moved /etc to /usr/etc, so it'd be an error to not find it there, no?
There was a problem hiding this comment.
Updated for everything except this...I still need to investigate this bit more.
There was a problem hiding this comment.
OK, upon further investigation I think you're right. I haven't yet rebased unified core on top of this to verify but if there's an issue with that we can fix it later.
| @@ -1559,6 +1556,10 @@ rpmostree_treefile_postprocessing (int rootfs_fd, | |||
| } | |||
| } | |||
|
|
|||
| /* Copy in additional files before postprocessing */ | |||
| if (!copy_additional_files (rootfs_fd, context_directory, treefile, cancellable, error)) | |||
There was a problem hiding this comment.
I just realized now that we handle add-files after the /etc to /usr/etc move. What this patch does is correct since it maintains that, though are we sure that's what we want to begin with? Seems like users would expect to dump things in e.g. /etc, not /usr/etc, right?
There was a problem hiding this comment.
FWIW, I'd prefer the /etc to /usr/etc move happen after both add-files and the post script, but it's easy enough to work around if that's not possible.
There was a problem hiding this comment.
I'm not totally opposed to changing it but on the other hand we had a test case that did it, and I've definitely seen people talk about using add-files here and I'd like not to break them.
Perhaps the simplest thing is to support both; we could do that by dropping a temporary symlink, or translating paths.
There was a problem hiding this comment.
Translating paths seems reasonable, yeah.
Lots of confusion in the codebase about this. The basic problem is that in *most* cases, our code doesn't care; it's conceptually operating on `/usr/etc`, which we could maintain as `/etc` and just rename it back at the very end. The exceptions though are the `/etc/passwd` handling and livefs. And of course libostree needs to handle `/usr/etc` vs `/etc` for config merging. I considered trying to keep things the other way, but while I think we have some ugly added here in this patch for things where we need to maintain an external view (`remove-files` and `remove-from-packages`, and boy am I glad we had tests for those), this ends up being mostly more consistent elsewhere. One thing that might help is to maintain a fd for it; but that'd be an even more invasive change. This also ends up rolling in some unified core prep from coreos#940 in the form of `rename_if_exists()` - basically for some minimal rootfs we may not have `/boot`, or for that matter potentially even `etc`. Prep for coreos#997
Even though it's really `/usr/etc`. This is for greater consistency with `postprocess-script` where it appears as `/etc`.
Sometimes it's useful to have access to the additional files when running the post script, so this re-orders the compose process to copy the additional files in before the post script runs Signed-off-by: Jonathan Dieter <[email protected]>
|
Looks good! @rh-atomic-bot r+ 3596d11 |
Even though it's really `/usr/etc`. This is for greater consistency with `postprocess-script` where it appears as `/etc`. Closes: #997 Approved by: jlebon
Sometimes it's useful to have access to the additional files when running the post script, so this re-orders the compose process to copy the additional files in before the post script runs Signed-off-by: Jonathan Dieter <[email protected]> Closes: #997 Approved by: jlebon
|
☀️ Test successful - status-atomicjenkins |
|
Just got burned by this (add-files to /etc, ostree fails due to existence of both /etc and /usr/etc). I realize this pull will address this but what happens now if I add-files to /usr/etc (my workaround for the current release)? Will there be a similar error? Consider this a request for documentation and a check/error message at rpm-ostree compose time. |
|
Hi @tjim - it should work in both cases now in git master. |
Sometimes it's useful to have access to the additional files when running the post script, so this re-orders the compose process to copy the additional files in before the post script runs.
I'm not sure how to create a test for this patch, but if you give me some pointers, I'll put something together.