Skip to content

Commit

Permalink
Add support for composefs
Browse files Browse the repository at this point in the history
This pairs with ostreedev/ostree#2640

It's all off by default (to state the obvious).  But one can do e.g.:

```
$ cat >> src/config/image.yaml << EOF
composefs: true
EOF
```

To test out the fsverity bits, you also want
`rootfs: ext4verity`

More in ostreedev/ostree#2867
  • Loading branch information
cgwalters committed Jul 5, 2023
1 parent 8967d3b commit 08dbab4
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 1 deletion.
10 changes: 10 additions & 0 deletions src/cmd-build
Original file line number Diff line number Diff line change
Expand Up @@ -326,6 +326,16 @@ fi
if [ ! -f "${workdir}"/builds/builds.json ] && [ ! -f "${fetch_stamp}" ] ; then
fatal "Must fetch before building"
fi
composefs="$(jq -r .composefs < "${image_json}")"
case "${composefs}" in
false)
;;
true)
ostree config --repo="${tmprepo}" set ex-integrity.composefs "true"
;;
*) fatal "Unhandled composefs setting: ${composefs}" ;;
esac

# --cache-only is here since `fetch` is a separate verb
# shellcheck disable=SC2086
if test -n "${previous_commit}"; then
Expand Down
6 changes: 5 additions & 1 deletion src/create_disk.sh
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,7 @@ esac
rootfs_args=$(getconfig_def "rootfs-args" "")

bootfs=$(getconfig "bootfs")
composefs=$(getconfig_def "composefs" "")
grub_script=$(getconfig "grub-script")
ostree_container=$(getconfig "ostree-container")
commit=$(getconfig "ostree-commit")
Expand Down Expand Up @@ -310,11 +311,14 @@ ostree config --repo $rootfs/ostree/repo set sysroot.bootloader none
# Opt-in to https://github.com/ostreedev/ostree/pull/1767 AKA
# https://github.com/ostreedev/ostree/issues/1265
ostree config --repo $rootfs/ostree/repo set sysroot.readonly true
if test -n "${composefs}"; then
ostree config --repo $rootfs/ostree/repo set ex-integrity.composefs true
fi
# Initialize the "stateroot"
ostree admin os-init "$os_name" --sysroot $rootfs

# Propagate flags into target repository
if [ "${rootfs_type}" = "ext4verity" ]; then
if [ "${rootfs_type}" = "ext4verity" ] && [ -z "${composefs}" ]; then
ostree config --repo=$rootfs/ostree/repo set ex-fsverity.required 'true'
fi

Expand Down
2 changes: 2 additions & 0 deletions src/image-default.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ bootfs: "ext4"
rootfs: "xfs"
# Add arguments here that will be passed to e.g. mkfs.xfs
rootfs-args: ""
# Set to "true" to enable composefs
composefs: false

# Additional default kernel arguments injected into disk images
extra-kargs: []
Expand Down

0 comments on commit 08dbab4

Please sign in to comment.