1. 07 Mar, 2019 3 commits
  2. 19 Feb, 2019 1 commit
  3. 14 Feb, 2019 2 commits
  4. 28 Sep, 2018 3 commits
  5. 27 Sep, 2018 2 commits
  6. 19 Sep, 2018 2 commits
  7. 08 Mar, 2018 2 commits
  8. 24 Jan, 2018 1 commit
  9. 23 Jan, 2018 3 commits
  10. 20 Jul, 2017 5 commits
  11. 19 Jul, 2017 2 commits
  12. 18 Jul, 2017 6 commits
  13. 06 Jul, 2017 2 commits
  14. 05 Jul, 2017 1 commit
    • Colin Walters's avatar
      pull: Cleanly error when doing local pulls of remote-prefixed refs · 32342953
      Colin Walters authored
      In the storage PR I was trying to do a `pull-local` of the whole
      `/ostree/repo` on the system, which ended up triggering a `g_critical()`
      in the collections code, since we tried to parse a remote-prefixed ref
      `fedora:fedora/26/x86_64/atomic-host` as a ref.
      
      I'm not sure offhand what our behavior in this case *should* be.  I
      think git only clones local refs, but I need to check.
      
      This corner case arises only with `pull-local`.  But in any case,
      while we were previously saying this is programmer error, since it's
      so easy to pass various unchecked input into the pull machinery,
      make invalid refs an explicit error.
      
      Closes: #992
      Approved by: jlebon
      32342953
  15. 04 Jul, 2017 2 commits
    • Colin Walters's avatar
      lib/repo: Add min-free-space-percent option, default 3% · 1f5ce1a9
      Colin Walters authored
      For ostree-as-host, we're the superuser, so we'll blow past
      any reserved free space by default.  While deltas have size
      metadata, if one happens to do a loose fetch, we can fill
      up the disk.
      
      Another case is flatpak: the system helper has similar concerns
      here as ostree-as-host, and for `flatpak --user`, we also
      want to be nice and avoid filling up the user's quota.
      
      Closes: https://github.com/ostreedev/ostree/issues/962
      
      Closes: #987
      Approved by: jlebon
      1f5ce1a9
    • Colin Walters's avatar
      lib/commit: Use provided length when doing writes · 8d4d638e
      Colin Walters authored
      This is prep for storage space checks, where we look at free
      space after parsing the metadata, before we write anything.
      
      We did length-limited writes in the fd-based input path, but not for the
      `GInputStream` path which in practice is used for HTTP pulls.
      
      Closes: #987
      Approved by: jlebon
      8d4d638e
  16. 30 Jun, 2017 3 commits
    • Colin Walters's avatar
      lib/commit: Ensure bare-user objects are always user-readable · 3348baf6
      Colin Walters authored
      Some of the Jenkins jobs for Fedora Atomic Host broke after updating
      to 2017.7, and it turns out that we regressed handling unreadable
      files in `bare-user` mode.  An example of this is `/etc/shadow`, which
      ends up in the ostree-as-host content as `/usr/etc/shadow`.
      
      Now there are better fixes here; we should probably delete it and create it
      during the config merge if it doesn't exist.  In general, having secret files in
      ostree really isn't supported, so it doesn't make sense to include them.
      
      But let's fix this regression - when operating as an unprivileged user we don't
      have `CAP_DAC_OVERRIDE` and hence will fail to open un-user-readable objects.
      
      (We still preserve the actual `0` mode of course in the xattr and will
       apply it in `bare`)
      
      Closes: #989
      Approved by: jlebon
      3348baf6
    • Colin Walters's avatar
      bin/commit: Add '=' to --statoverride · cd7d3594
      Colin Walters authored
      Previously, we only supported additions in the statoverride file;
      it was mainly for adding the setuid bit without having that physically
      on disk.
      
      However, for testing a change to `bare-user` handling around *unreadable*
      files (which happens for `/etc/shadow` in host content), I need a way
      to write that into a repo in the test suite.
      
      I'm not actually aware of a non-test-suite use case for this; a more
      sophisticated user is going to be using the API directly, which can already do
      this. But we need it for tests at least.
      
      Closes: #989
      Approved by: jlebon
      cd7d3594
    • Colin Walters's avatar
      bin/commit: Port helper functions to new style · e3a540a6
      Colin Walters authored
      Prep for more work here.  Can't yet port the main function
      without a cleanup for transactions.
      
      Closes: #988
      Approved by: jlebon
      e3a540a6