In order to debug failures more reliably we really always want a virtual
console.
It turns out the Fedora kernel configs for a while have done
9a0d7ce2af
which means hvc0 is available from very early boot.
I am probably going to argue to do this in all Fedora derivatives by
default soon but let's start here.
Signed-off-by: Colin Walters <walters@verbum.org>
Fixes a regression where bootupd detection was happening before the
container was deployed, causing bootc to incorrectly check the host
system instead of the target container image. This led to false negatives
when the container had bootupd but the host didn't.
The fix moves bootloader detection into a new PostFetchState that's
created after the deployment is available, ensuring we check the actual
target filesystem.
Fixes: #1778
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
Now that we've cut over to always building + installing via
an (RPM) package in our build system, we need to always install
the dracut module.
Signed-off-by: Colin Walters <walters@verbum.org>
We were bit before by just doing a `COPY` of our binaries overtop of
the base image because that doesn't remove old files.
Replace the pre-build approach with rpmbuild, and then change to
do an rpm-based upgrade so that we fix that problem.
Note that we still preserve incremental rebuilds by overriding
some of the RPM build process.
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
- The ci/Dockerfile.fcos has been unused for some time and
testing with FCOS derivatives is already done outside of CI
here
- Drop the bits which reference git in the Makefile, a new rule
I'm trying to impose here is that nothing in the build system
should rely on git (or at least not rely on being built
from a git repository)
Signed-off-by: Colin Walters <walters@verbum.org>
This was used at one point for composefs testing, but no longer.
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
This implements readonly mounting of /sysroot for composefs systems,
matching the behavior that ostree systems already have. Previously,
composefs left /sysroot mounted read-write, which was inconsistent
and meant the readonly tests had to be skipped for composefs.
The implementation uses a direct `libc::syscall` wrapper for
`mount_setattr` since rustix doesn't yet provide this API. The
`MOUNT_ATTR_RDONLY` flag is applied to three mount
points during initramfs setup:
- The composefs rootfs image mount (becomes `/` after switch-root)
- The test root filesystem mount (used in testing scenarios)
- The sysroot clone mount (becomes `/sysroot` in the booted system)
With this change, the readonly /sysroot tests in test-status.nu
now run for both ostree and composefs systems without conditional
checks.
Assisted-by: Claude Code (Sonnet 4.5)
Co-authored-by: Pragyan Poudyal <pragyanpoudyal41999@gmail.com>
Signed-off-by: Pragyan Poudyal <pragyanpoudyal41999@gmail.com>
Signed-off-by: Colin Walters <walters@verbum.org>
This fixes bootc's use of the Discoverable Partition Specification (DPS)
to properly support systemd-gpt-auto-generator. Previously, bootc was
incorrectly setting filesystem UUIDs to the DPS partition type UUID value,
which caused UUID collisions and prevented proper DPS functionality.
It's still a TODO on our side to support systemd-repart in this flow.
Note we go back to using random filesystem UUIDs with this, but
per above we should likely reinitialize them on boot via repart.
Note we remove root= parameter from kernel cmdline for composefs sealed images,
allowing systemd-gpt-auto-generator to auto-discover the root partition
and we test this.
Fixes: #1771
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
The bootc container lint command now reads tmpfiles.d configuration files
from both /usr/lib/tmpfiles.d and /etc/tmpfiles.d, with /etc entries
taking precedence (matching systemd's behavior).
Fixes #1732
Signed-off-by: gursewak1997 <gursmangat@gmail.com>
These were added without docs or tests and
only apply right now to the composefs backend. Hide them until
they meet the above quality bars.
Signed-off-by: Colin Walters <walters@verbum.org>
Sometimes systemd daemons are still running old binaries and
respond with "Access denied" when sent a reboot request.
Force a full sync before reboot and allow more delay for
bootc to settle.
Signed-off-by: Xiaofeng Wang <henrywangxf@me.com>
PR #1718 introduced a regression where /sysroot was left writable after
running `bootc status`. This occurred because BootedStorage::new()
unconditionally calls set_mount_namespace_in_use(), which tells ostree
it can safely remount /sysroot as writable. When sysroot.load() is called
without actually being in a mount namespace, it leaves the global /sysroot
writable.
Fix by introducing an Environment enum that detects the runtime environment
(ostree, composefs, container, or other) early in the execution flow. Callers
now detect the environment and call prepare_for_write() if needed before
constructing BootedStorage. This ensures a single call to prepare_for_write()
per execution path and eliminates the previous layering violation where storage
code called into CLI code.
The Environment abstraction also makes it clearer when mount namespace
setup is required and provides a foundation for future environment-specific
behavior.
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
Really we want to just return the original slice that the Parameter
was created from. This also aligns with how Cmdline and ParameterKey
impl Display.
Where this really matters the most is to ensure we retain the quoting
that the parameter was created with, so I added a test just to sanity
check that. Before this change the test would fail because "foo"
would be stripped of its quotes and just rendered as foo unquoted.
Signed-off-by: John Eckersberg <jeckersb@redhat.com>
When commit cd8fa591 moved unit enablement to a systemd generator, it also
removed the installation of the fedora-bootc-destructive-cleanup script from
the Makefile. This was unintentional - while the symlink enablement should
be handled by the generator, the script itself still needs to be installed.
The trap is that because we weren't accurately removing old files
from the build, the old version was still there...until the new upstream
release.
Fix this in two ways:
First, continue to install the script on Fedora-like systems as before, but leave unit
enablement to the generator as intended.
Second, change how we remove prior state to clean out all files from
the RPM. (I did look at changing out the build system so we build
an RPM in this case which would be cleaner, but it's a large change)
Fixes: https://github.com/bootc-dev/bootc/issues/1748
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
It'll be really handy to have reference images which are tracking git main
of bootc for all the streams.
(TODO: switch these to be multi-arch at least for amd64, or
maybe we should use Konflux to do this)
Signed-off-by: Colin Walters <walters@verbum.org>
This copies the approach taken in bcvk, so when we change
our CI jobs I don't need to go and manually edit the GH configuration.
(A followup step here is to have automation to cut over all repositories
to do things this way)
Signed-off-by: Colin Walters <walters@verbum.org>
Renovate is currently failing because of the composefs-rs git
submodule (trying to debug that) so we're behind. At least this
one gets rid of multiple copies of rustix and an old toml version.
Signed-off-by: Colin Walters <walters@verbum.org>
I thought about this with the cloud-init disablement for now
with bcvk. It already works to just not enable `cloud-init.target`
which we were already doing.
Signed-off-by: Colin Walters <walters@verbum.org>
Primary motivation here is that these two should be equivalent:
foo="quoted value"
"foo=quoted value"
This also adds tests for a few more oddball cases that weren't covered
before but clarify the expected kernel behavior.
Closes: #1737
Signed-off-by: John Eckersberg <jeckersb@redhat.com>
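
The two kernel-argument commit messages above (returning the original slice from `Display` so quoting is retained, and treating `foo="quoted value"` and `"foo=quoted value"` as equivalent) can be illustrated together. This is an added example, not bootc's code: `Param`, `unquote`, `split_tokens`, `parse_param` and `parse_cmdline` are hypothetical names, and the quoting rules are a simplified model of kernel command-line splitting.

```rust
// Added example, not bootc's code: a simplified model of kernel-style
// command-line splitting that keeps the raw slice beside the parsed fields.
#[derive(Debug, PartialEq)]
struct Param<'a> {
    raw: &'a str,           // exactly as written, quotes included
    key: &'a str,
    value: Option<&'a str>, // surrounding quotes removed
}

/// Remove one leading double quote and, if present, the trailing one.
fn unquote(s: &str) -> &str {
    s.strip_prefix('"').map_or(s, |r| r.strip_suffix('"').unwrap_or(r))
}

/// Split on ASCII whitespace that is not inside double quotes.
fn split_tokens(cmdline: &str) -> Vec<&str> {
    let (mut out, mut start, mut in_quote) = (Vec::new(), None::<usize>, false);
    for (i, c) in cmdline.char_indices() {
        in_quote ^= c == '"';
        if c.is_ascii_whitespace() && !in_quote {
            out.extend(start.take().map(|s| &cmdline[s..i]));
        } else if start.is_none() {
            start = Some(i);
        }
    }
    out.extend(start.map(|s| &cmdline[s..]));
    out
}

fn parse_param(raw: &str) -> Param<'_> {
    let body = unquote(raw); // "foo=bar baz" loses its outer quotes
    match body.split_once('=') {
        Some((key, v)) => Param { raw, key, value: Some(unquote(v)) },
        None => Param { raw, key: body, value: None },
    }
}

fn parse_cmdline(cmdline: &str) -> Vec<Param<'_>> {
    split_tokens(cmdline).into_iter().map(parse_param).collect()
}

fn main() {
    // Constructed sample command line.
    for p in parse_cmdline(r#"ro foo="quoted value" "foo=quoted value""#) {
        println!("{:<20} key={} value={:?}", p.raw, p.key, p.value);
    }
}
```

Both quoted forms parse to the same key and value, while `raw` still carries the quoting each one was written with, which is what a `Display` implementation needs in order to round-trip the argument.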
I'm changing the default fs for Fedora in our CI to be xfs arbitrarily.
This code SHOULD work on non-fsverity hosts, and the other
code path in `tests/build-sealed` does.
Also, the remainder of the stuff was dead code so just drop it.
Signed-off-by: Colin Walters <walters@verbum.org>
Part 1: Use bcvk
For local tests, right now testcloud+tmt doesn't support UEFI, see
https://github.com/teemtee/tmt/issues/4203
This is a blocker for us doing more testing with UKIs.
In this patch we switch to provisioning VMs with bcvk, which
fixes this - but beyond that a really compelling thing about
this is that bcvk is *also* designed to be ergonomic and efficient
beyond just being a test runner, with things like virtiofs
mounting of host container storage, etc.
In other words, bcvk is the preferred way to run local virt
with bootc, and this makes our TMT tests use it.
Now a major downside of this though is we're effectively
implementing a new "provisioner" for tmt (bypassing the
existing `virtual`). In the more medium term I think we
want to add `bcvk` as a provisioner option to tmt.
Anyways for now, this works by discovering test plans via `tmt plan ls`,
spawning a separate VM per test, and then using tmt's connect
provisioner to run tests targeting these externally provisioned
systems.
Part 2: Rework the Justfile and Dockerfile
This adds `base` and `variant` arguments which are propagated through
the system, and we have a new `variant` for sealed composefs.
The readonly tests now pass with composefs.
Drop the continuous repo tests...as while we could keep
that it's actually a whole *other* entry in this matrix.
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
TMT does not support systemd soft-reboots - it only detects reboots
by checking if /proc/stat btime changes, which doesn't happen during
soft-reboots. This caused test-custom-selinux-policy to hang when
running with bcvk (which allows actual soft-reboots), while it
accidentally passed with testcloud (which forced full VM reboots).
Add bug-soft-reboot.md documenting this limitation and update both
test files to reference it. Also remove --soft-reboot=auto from
test-custom-selinux-policy since we can't test it with TMT anyway.
Assisted-by: Claude Code (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>