Release 2017.4
A notable new feature in this release is a *fourth* repository
mode: "bare-user-only". This is very similar to `bare-user`, but
canonicalizes permissions and ignores xattrs. The intended
use of this is for "non-OS" container tools such as flatpak, where one
intentionally discards the traditional file ownership.
(I'm calling this container case "non-OS" to distinguish from other container tools
where one might want to "log in" via PAM and supporting distinct UIDs
inside a single container is valuable)
More information: https://github.com/ostreedev/ostree/pull/750
We have a few new APIs, such as `ostree_check_version()` which is
important when making use of some of the "API extensions" we have
using `GVariant` on e.g. `ostree_repo_pull_with_options()`.
The diff is a bit larger due to us switching to a new code style.
Another quite important change is that `ostree trivial-httpd` is
disabled by default. With a libcurl build, this is the last part
that links to libsoup. It's only needed for unit tests, so can
be subpackaged or discarded. (We're doing the latter for Fedora)
Speaking of curl, we now support `--with-openssl` which enables
using OpenSSL's `libcrypto` for SHA256. This can be notably faster.
You likely want this if e.g. `libcurl` is already linked to OpenSSL
for you. I'm increasingly confident in the curl code, and should
be ready to recommend using it by default in the next release or
two.
Thanks to all contributors!
Alexander Larsson (4):
Add _ostree_repo_mode_is_bare helper
Add bare-user-only repo mode
commit: Add --canonical-permissions argument
Add basic tests for bare-user-only repo modes
André Klitzing (2):
Avoid unnecessary includes
Fix includes if built against musl
Anton Gerasimov (1):
Define TARGET_PREFIX to use with grub2 deployment
Colin Walters (46):
Disable "ostree trivial-httpd" by default now
core: Add runtime ostree_check_version()
builtin/show: Convert to direct return/decl-after-stmt style
pull: Squash a `-Wmaybe-uninitialized` warning
lib: Exclude soup header from introspection
lib: Squash most of the gtk-doc warnings for missing parameters
lib: Add a private copy of checksum-instream
core: Support building with OpenSSL for checksums
sysroot/deploy: Some cleanup to decl-after-stmt/return FALSE style
sysroot: Prep refactoring of cleanup logic
build: Quiet automake warning for bupsplit
build: Various fixes for openssl build
Bump libglnx, port a few callers to new error API
sepolicy: Add ostree_sepolicy_new_at()
sepolicy: Add better private API for setfscreatecon
cfg.mk: Add a syntax check for a redundant : in glnx_throw
repo/refs: Convert to new code style
sysroot: Add ostree_sysroot_write_deployments_with_options()
core: Convert some functions to new code style
build: Dist ostree-sepolicy-private.h
commit: Prefix error with target object name on failure to write
repo+tests: Add [core]disable-xattrs=true, use it on overlayfs
pull: Also skip partial commits for deltas if no summary file
ci: Enable -Werror=unused-result with -Wp,-D_FORTIFY_SOURCE=2
sysroot: Don't cache sepolicy
repo/commit: Change most of this file to new code style
build: Expose autocleanups unconditionally, start using them
lib: Fix OSTREE_CHECK_VERSION()
lib: Delete old GFile path helpers, and migrate single last user
lib: Delete old unused GFile helpers
libutil: Delete unused threadpool wrapper
libutil: Delete unused GVariant I/O functions
libutil: Delete some unused checksum helper API
libutil: Delete some unused error handling APIs
Add Coccinelle usage: one for blacklisting, one for patch collection
sepolicy: Fix regressions from introduction of sepolicy_new_at()
Add flag to make SELinux label failure fatal, add hack for /proc
ci: Add a check that submodule changes include "Update submodule: "
core: Fix default value of disable_xattrs
repo/core: Convert some functions to new code style
soup: Hold a ref to the pending URI during completion processing
sysroot/deploy: More code style conversion
curl: Enable pipelining for HTTP/2
Fix a few gtk-doc warnings
checkout: Provide useful error with checkout -H and incompat mode
Release 2017.4
Daniel J Walsh (1):
sysroot/unlock: Ensure overlay label on /usr is `usr_t`
Erik Larsson (1):
diff: Add ostree_diff_dirs_with_options(), expose via cmdline
Georges Basile Stavracas Neto (1):
libostree: add versioning macros
Git-EVTag-v0-SHA512: 71f0649308f04f15eb6a22b4b34c2804d680d5870dd3b6391079fa2be6c0f4df74e7ed4f8abbb461104ad23707ecf38587b187a8bd240a9979e4800c13efce78