Commit Graph

443 Commits

Author SHA1 Message Date
David Cassany 03914740ba Use chroot to label previously bound mountpoints
This prevents errors with non-chrooted setfiles calls,
which fail due to policy divergences between host and
target.

For that purpose a new option to chroot utility has
been included to allow chroot without setting the default
bind mounts for /dev/, /sys and /proc.

Signed-off-by: David Cassany <dcassany@suse.com>
(cherry picked from commit a8982b16ce)
2025-10-01 11:10:15 +02:00
Fredrik Lönnegren 48651071c9 Add snapshotter.type flag to build-disk command
When building a disk image we do not specify the snapshotter, which
configures the expansion mechanism to set COS_STATE partition filesystem
to ext4.

The green flavor uses the btrfs snapshotter, which means when it boots
and tries to mount the COS_STATE partition it expects a btrfs
filesystem, but finds an ext4 one, which errors.

In this commit we add the --snapshotter.type flag to the build-disk
command and set the snapshotter in the Makefile accordingly.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2025-09-30 10:58:50 +02:00
Fredrik Lönnegren 968784c6b2 Adapt tests to new build error
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2025-08-07 13:26:12 +02:00
David Cassany ce35ae6c7d Adapt code and unit tests
Co-authored-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Signed-off-by: David Cassany <dcassany@suse.com>
2025-08-06 13:53:10 +02:00
Gaurav Mehta cb15d32d90 Minor change to lookup devices using blkid
Minor change to lookup devices using blkid and updating the upgradeSpec
if needed. This may be needed when running elemental upgrade in
multipathd systems

Signed-off-by: Gaurav Mehta <gaurav.mehta@suse.com>
2025-08-06 13:53:10 +02:00
Fredrik Lönnegren d8450e01b9 Avoid panic when MaxSnaps is set to 0
When the MaxSnaps configuration option is set to 0 the following panic
occurs during installation:

```
[PANICKED] Test Panicked
  In [It] at: /usr/lib64/go/1.24/src/runtime/panic.go:115 @ 07/01/25 10:04:57.47

  runtime error: index out of range [0] with length 0

  Full Stack Trace
    github.com/rancher/elemental-toolkit/v2/pkg/snapshotter.(*LoopDevice).cleanOldSnapshots(0xc00025a300)
        /home/frelon/src/elemental-toolkit/pkg/snapshotter/loopdevice.go:468 +0x3e7
    github.com/rancher/elemental-toolkit/v2/pkg/snapshotter.(*LoopDevice).CloseTransaction(0xc00025a300, 0xc000234a00)
        /home/frelon/src/elemental-toolkit/pkg/snapshotter/loopdevice.go:271 +0x11d5
    github.com/rancher/elemental-toolkit/v2/pkg/snapshotter_test.init.func3.12()
        /home/frelon/src/elemental-toolkit/pkg/snapshotter/loopdevice_test.go:204 +0x38e
```

This commit checks that we don't try to delete old snapshots in case
there are none.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2025-07-09 14:23:19 +02:00
Fredrik Lönnegren f132230beb Update copyright year (2025)
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2025-01-07 16:43:28 +01:00
Loic Devulder 7f707ca021 Add missing Autologin feature
Still not enabled by default, but could be added like any other
features.

Signed-off-by: Loic Devulder <ldevulder@suse.com>
2024-12-03 12:44:21 +01:00
Loic Devulder 692c63331b Fix architecture platform value
Without this we always have the host architecture instead of the
platform one in cross-compilation.

Signed-off-by: Loic Devulder <ldevulder@suse.com>
2024-12-03 12:44:21 +01:00
Bernhard M. Wiedemann d9873c8404 Make tar creation deterministic
for that, we sort entries, override owner+group+mtime
and omit ctime+atime
2024-12-02 16:46:09 +01:00
David Cassany Viladomat 527c12d007 Fixes squashfs images creation (#2230)
* Fixes squashfs images creation (bsc#1233289)

If upgrading from a container including the root of the host
mounted in /host the upgrade process does not exclude the /host
path and other stateful paths such as /run.

This commit sets the default excludes used in rsync calls
to also apply for mksquashfs.

Signed-off-by: David Cassany <dcassany@suse.com>

* Define static method for default exclude relative paths

This commit defines static methods for excluded paths in
sync operations. One method for relative paths and
another one with the same result rooted to a given path.
It also uses wildcards to only exclude certain directories
content while keeping the directory itself.

Signed-off-by: David Cassany <dcassany@suse.com>

* Add some additional unit tests for rsync wrappers

Signed-off-by: David Cassany <dcassany@suse.com>

---------

Signed-off-by: David Cassany <dcassany@suse.com>
2024-11-13 11:03:25 +01:00
David Cassany 19606359c3 Fix dracut modules dependencies
Signed-off-by: David Cassany <dcassany@suse.com>
2024-11-11 14:58:41 +01:00
Rodolphe de Saint Léger 5020753976 Change btrfs state volumes detection
btrfs volume IDs are not accurate with newer btrfs formatted volumes. They are now matched using their names.

Changes:
- added '-a' to subvolume list to ensure that full subvolume path is available
- changed btrfs probe from ID match to name match
- changed state volume match in findStateMount from target mount point to source subvolume
2024-11-07 19:03:24 +01:00
Rodolphe de Saint Léger 5b2bb7ab14 Add orange btrfs snapshotter support
Changes:
- ensure that kernel and initrd are relative links
- add 'active_snap' variable to grub (managed by snapshotter)
- add 'root_subpath' variable to grub
- snapper can now be used on orange flavor (see notes)

Notes:
- 'active_snap' and 'root_subpath' allow grub to build a relative path to the kernel and initrd when btrfs_relative_path is not available.
- Snapper works on orange flavor, however it can take several minutes before the daemon initializes in active or passive mode. If elemental upgrade is invoked during this time it will fail.
2024-11-07 19:03:24 +01:00
Fredrik Lönnegren 1898d5db2e Use --strict flag in elemental-setup services
The default behavior has been to hide any errors and only log warnings.
Using the --strict flag will ensure any yip errors are actually
reported.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-11-06 15:01:00 +01:00
David Cassany eb77a4ca92 Update spec dependencies and dracut module dependencies
Signed-off-by: David Cassany <dcassany@suse.com>
2024-11-06 09:59:36 +01:00
David Cassany 733f2b4428 Remove few leftovers from snapshotter tests
Signed-off-by: David Cassany <dcassany@suse.com>
2024-11-06 09:59:36 +01:00
David Cassany Viladomat ca0ac59258 Btrfs snapshotter without snapper (#2220)
* Isolating btrfs and snapper specific logic

Signed-off-by: David Cassany <dcassany@suse.com>

* Define a backend interface for btrfs snapshotter

This commit adds a backend interface in btrfs snapshotter. The interface
essentially wraps snapper and btrfs utilities.

The idea is to make a pure btrfs implementation of the interface and
also a snapper based implementation.

The functions that snapper can't provide are simply managed by the btrfs
implementation.

Signed-off-by: David Cassany <dcassany@suse.com>

* Move snapper configuration to snapper backend

Signed-off-by: David Cassany <dcassany@suse.com>

* Implement btrfs backend

This commit implements the btrfs backend for the btrfs snapshotter
and moves all the logic of specific btrfs client calls there.

The backend interface is also refined for that purpose.

Signed-off-by: David Cassany <dcassany@suse.com>

* Make the btrfs snapshotter backend configurable

Signed-off-by: David Cassany <dcassany@suse.com>

* Add some method comment headers

Signed-off-by: David Cassany <dcassany@suse.com>

* Few small changes to facilitate testing

Signed-off-by: David Cassany <dcassany@suse.com>

* Add btrfs-backend unit tests

Signed-off-by: David Cassany <dcassany@suse.com>

* Add snapper backend unit tests

Signed-off-by: David Cassany <dcassany@suse.com>

* revert back to snapper for green example

Signed-off-by: David Cassany <dcassany@suse.com>

---------

Signed-off-by: David Cassany <dcassany@suse.com>
2024-11-05 13:47:03 +00:00
David Cassany Viladomat 30a64d70be Add cloud-init paths of the new root in 'after-*' hooks (#2192)
* Add cloud-init paths of the new root in 'after-*' hooks

This commit enables to run the non chrooted 'after-*' hooks
included in the newly deployed image root. This specially applies to the
install, reset, upgrade and build-disk commands.

Moreover, 'after-disk' command now includes static reference paths to
the new root and working directory, so that those can be used within
the hooks regardless of the chosen output directory.


* Include arm-firmware feature

This commit introduces an arm-firmware feature adding
the required after-* hooks to ensure the RPi firmware is
copied to the EFI partition.

It could be, eventually, extended to support other boards
and it does not harm systems which are not including RPi
firmware.


* Allow features to be passed as arguments

Signed-off-by: David Cassany <dcassany@suse.com>
2024-09-25 09:47:12 +02:00
Andrea Mazzotti 98ade87d7b Expose max snapshots environment variable (#2193)
* Expose SNAPSHOTTER_MAX_SNAPS run variable

Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
2024-09-25 09:39:52 +02:00
David Cassany Viladomat 064546f18b Improve state file testing (#2190)
* Include 'build-disk' action traces in initial state yaml
* Include integration tests for the 'state' subcommand
* Add state check for installer tests

Signed-off-by: David Cassany <dcassany@suse.com>
2024-09-18 10:45:17 +02:00
Andrea Mazzotti fa2306d632 Implement state subcommand (#2182)
* Implement state subcommand

Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
2024-09-13 08:59:30 +02:00
Andrea Mazzotti dc52491a14 Add user defined labels to snapshot info (#2175)
* Add user defined labels to snapshot info

Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
2024-09-12 14:43:00 +02:00
Fredrik Lönnegren 1a529527ae Bump yip to v1.9.3
This removes the Git plugin and a lot of go dependencies.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-09-05 14:47:12 +02:00
David Cassany 5e0a28c63c Do not require network in initrd by default
Signed-off-by: David Cassany <dcassany@suse.com>
2024-09-05 13:20:53 +02:00
David Cassany 75e17df1c5 Bump to v2.1.1 for tests and fix recovery test
Signed-off-by: David Cassany <dcassany@suse.com>
2024-09-05 13:20:53 +02:00
Andrea Mazzotti b1bac09cb7 Expose ELEMENTAL_CLOUD_INIT_PATHS option (#2163)
* Expose ELEMENTAL_CLOUD_INIT_PATHS option

Signed-off-by: Andrea Mazzotti <andrea.mazzotti@suse.com>
2024-08-20 13:37:27 +02:00
David Cassany Viladomat b1cc863b10 Make RAW disks recovery partition expandable (#2159)
Signed-off-by: David Cassany <dcassany@suse.com>
2024-08-08 10:38:52 +02:00
David Cassany Viladomat 44b2e7b563 Bump efi library (#2158)
* Bump go-efilib

Signed-off-by: David Cassany <dcassany@suse.com>

* Adapt to new efilib library

Signed-off-by: David Cassany <dcassany@suse.com>

---------

Signed-off-by: David Cassany <dcassany@suse.com>
2024-08-07 10:38:44 +02:00
David Cassany 76caad5f6e Add test for auto disabled boot entry in Grub
Signed-off-by: David Cassany <dcassany@suse.com>
2024-07-22 15:59:15 +02:00
David Cassany Viladomat 22996ef70b Allow insecure registries (#2131)
* Allow skipping TLS verification on registries

Signed-off-by: David Cassany <dcassany@suse.com>

* Improve error logging

Signed-off-by: David Cassany <dcassany@suse.com>

* Fix flag default value

Signed-off-by: David Cassany <dcassany@suse.com>

* Fix image extractor mock and use default TLS verification for tests

Signed-off-by: David Cassany <dcassany@suse.com>

---------

Signed-off-by: David Cassany <dcassany@suse.com>
2024-07-09 12:01:39 +00:00
David Cassany b41f7d20ad Bump to yip 1.6.2
Signed-off-by: David Cassany <dcassany@suse.com>
2024-07-04 16:05:47 +02:00
David Cassany Viladomat 2b23133c08 Bump mount utils (#2099)
* Update k8s.io/mount-utils to latest version
* Mounter without systemd integration
* Update go.mod

Signed-off-by: David Cassany <dcassany@suse.com>
Signed-off-by: David Cassany Viladomat <dcassany@suse.com>
Co-authored-by: Francesco Giudici <francesco.giudici@gmail.com>
2024-06-21 13:16:53 +00:00
David Cassany Viladomat 15a10cc4f5 Make EFI partition size configurable at install time (#2105)
* Make EFI partition size configurable at install time
* Add a custom EFI size test
* Rename efi to bootloader partition in config.yaml
* Rename EFI variable to Boot
* Rename constants

Signed-off-by: David Cassany <dcassany@suse.com>
2024-06-19 06:23:33 +02:00
David Cassany 28c4e4735e Use fake mounter in tests
Signed-off-by: David Cassany <dcassany@suse.com>
2024-06-11 14:46:12 +02:00
David Cassany 897d872acc Ensure subvolume snapshots is mounted to list snapshots
Signed-off-by: David Cassany <dcassany@suse.com>
2024-06-10 13:48:03 +02:00
David Cassany 9f2f2368a8 Remove pre-existing Elemental initrds
Signed-off-by: David Cassany <dcassany@suse.com>
2024-06-07 11:55:27 +02:00
David Cassany fbe9042125 Fix overlaydir setup
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-31 11:58:49 +02:00
Fredrik Lönnegren 48d6ca488b Refactor and test efi manager
This commit refactors the efi mocks out of pkg/efi/types.go and adds a
ReadLoadOptions method to the efivars interface.

We also add some tests for creating a new BootManager and verify that
the ReadLoadOptions error does not bubble up from NewBootManager method.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-23 08:59:17 +02:00
Fredrik Lönnegren 2e56a099b3 Do not return error for efi.ReadLoadOption
When encountering a boot-entry for a device-path that go-efilib is
unable to parse we should just skip that entry instead of erroring out.

This same behavior is used earlier in the same loop so this should fix
an edge-case where the boot entry is parseable but the device-path is
not.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-23 08:59:17 +02:00
Fredrik Lönnegren fa82c1b1c6 Fix recovery test (#2086)
During recovery test when writing the upgraded install state yaml file
snapper fails trying to list snapshots because of trying to selinux
relabel a .snapshots dir that is read-only.

This error does not impact functionality and should be discarded.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-22 13:13:34 +02:00
David Cassany 54664f8cf5 Solve few linter warnings
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-15 16:44:49 +02:00
David Cassany f0d9cb30b3 Remove the work around for bsc#1210690 and simplify code
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-15 15:00:41 +02:00
Fredrik Lönnegren 5a84014519 Bootloader-in-rootfs=true (#2071)
* Bootloader-in-rootfs=true

Change the default value of bootloader-in-rootfs flag for build-iso
command to true.

* Change default bootloader-in-rootfs

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-15 11:16:50 +02:00
David Cassany Viladomat 3f96b5e7a5 Relabel persistent paths only at first boot (#2080)
* Relabel persistent paths only at first boot
* Check relabelled flag file in unit tests

Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-15 11:14:33 +02:00
David Cassany f3d4cfd62c Ensure SELinux relabelling can be disabled in configfile
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-14 15:45:44 +02:00
David Cassany 7686d121a6 Refine relabel step
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-14 09:30:20 +02:00
David Cassany 6c301f2e98 Move mount config file to /run/elemental
Signed-off-by: David Cassany <dcassany@suse.com>
2024-05-10 15:09:08 +02:00
Fredrik Lönnegren a4c414f55b Add extra-cmdline flag to build-iso command (#2072)
* Add extra-cmdline flag to build-iso command

The extra-cmdline can be used to customize the kernel commandline used
for the ISO.

Some arbitrary flags were moved to the extra-cmdline in order to support
overriding security and consoles.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-10 14:30:13 +02:00
Fredrik Lönnegren 1c89db027a SELinux relabel on boot (#2074)
In this commit we add selinux support to the mount command.

During mount we put a list of persistent+ephemeral directories in
/run/systemd/extra-relabel.d/elemental.layout in order to make systemd
relabel the directories before loading the policy.

We also try to chroot into the new sysroot and run setfiles using a find
wrapper to set on deepest files first.

Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
2024-05-10 13:43:49 +02:00