Skip to content

Releases: coreos/rpm-ostree

v2023.6

21 May 18:54
@jmarrero jmarrero
v2024.6
50a558c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2023.6 Latest
Latest

This is mainly a bugfix release and a couple of new features:

  • #4939 daemon: use new finalization APIs.
  • #4859 disable downloading filelists by default.
  • #4962 container: Add spinner/progress for layer fetches

One notable feature from ostree-rs-ext added with this dependency bump #4946 is initial support for zstd:chunked via ostreedev/ostree-rs-ext#622

Colin Walters (2):
      Remove modularity support entrypoints
      container: Add spinner/progress for layer fetches

HuijingHei (1):
      kargs: keep spaces in double quotes

Jonathan Lebon (5):
      docs/treefile.md: Document postprocess script ordering
      daemon: use new finalization APIs
      ci/test-container: move URL definitions to the top
      core: also wrap `kernel-install` for scriptlets
      packaging: drop `.in` extension on `rpm-ostree.spec.in`

Joseph Marrero (2):
      Release 2024.6
      rpm-ostree-fix-shadow-mode.service: don't run if OS is not installed

Luke Yang (3):
      Various Fedora 40 fixes
      Update to f40 kernel
      Disable downloading filelists by default

TimothΓ©e Ravier (6):
      docs/HACKING: Add example for ostree-rs-ext crate development
      update-check: Print unreliability warning on stderr
      deployment_utils: Also add version to cached update
      docs/HACKING: Update crate patching example
      container-update-check: Validate version in manifest diff
      deployment_utils: Fix version for cached container update

Yaakov Selkowitz (1):
      rpm-ostree.spec.in: Update rust macro usage

New Contributors

Full Changelog: v2024.5...v2024.6

Contributors

yselkowitz
Assets 3

v2024.5

15 Apr 14:41
@jmarrero jmarrero
v2024.5
10efee9
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2024.5

Release 2024.5

This is mainly a bugfix release with two notable PRs for
GHSA-2m76-cwhg-7wv6 which are:

  1. #4911
  2. #4913

On the compose side, encapsulating an OSTree commit into a container image is now much faster thanks to a more efficient approach. Encapsulating desktop composes in particular should now be much less painful.

On top of those changes there are several updates to the dependencies, error handling fixes and a CI updates.

Colin Walters (6):
      Release 2024.4
      Revert "compose: Inject our static tmpfiles.d dropins earlier"
      Revert "ci: Test `opt-usrlocal-overlays` end-to-end in Prow CI"
      passwd: Don't traverse symlinks when querying metadata
      container: Check that we found packages
      shadow: Adjust all deployments

Fred Tibbitts (1):
      Add kernel-uek-core.posttrans to list of ignored package scripts

HuijingHei (1):
      ci: sync tests with bootloader naming

Jonathan Lebon (1):
      passwd: create `/etc/[g]shadow` with mode 0

Joseph Marrero (1):
      install: specify sub-commands that are container build only.

Tym Lipari (1):
      container-encapsulate: make build_mapping_recurse significantly faster (#4768)

jbtrystram (1):
      unit: chmod /etc/[g]shadow[-] to 0000

New Contributors

Full Changelog: v2024.4...v2024.5

Contributors

tymlipari, jbtrystram, and fredtibbitts
Assets 3

v2024.4

15 Mar 17:13
@cgwalters cgwalters
v2024.4
624ddde
Compare
Choose a tag to compare
v2024.4

What's Changed

New Contributors

Full Changelog: v2024.3...v2024.4

Contributors

ianloic, cgwalters, and 4 other contributors
Assets 3

v2024.3

20 Feb 21:43
@jmarrero jmarrero
v2024.3
2e5ad3a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v2024.3

Release 2024.3

Notable enhancements are:

  • rpm-ostree now has experimental support for installing RPMs with files in /opt and /usr/local. This can be enabled at compose time (via the opt-usrlocal-overlays switch), or client-side using an environment variable. Feedback on the approach would be greatly appreciated! #4728
Colin Walters (2):
      Port to ostree-ext 0.13, cap-std 3
      Release 2024.3

HuijingHei (3):
      proxy-test: verify proxy environment works
      Enhance 2 upgrade tests
      tests: minor fix for `client-layering-upgrade`

Jonathan Lebon (10):
      importer: Allow `/usr/local` RPM content
      Support RPMs installing in `/opt` and `/usr/local`
      app: Make `/var/usrlocal` and `/var/opt` compat symlinks in state overlay model
      core: Add knob to make it easier to test out state overlay model
      libpriv/rpm-util: Fix cap_t leak
      composepost: Add SELinux equivalency rule for /usr/lib/opt β†’ /opt
      ci/prow: Build rpm instead
      .copr/Makefile: Allow building RPM without git remote

Scott Hebert (1):
      Update container.md

TimothΓ©e Ravier (1):
      docs: Add generic container image configuration support

New Contributors

Full Changelog: v2024.2...v2024.3

Contributors

scoheb
Assets 3

v2024.2

25 Jan 02:20
@jmarrero jmarrero
v2024.2
ec6b2e0
Compare
Choose a tag to compare
v2024.2

Release 2024.2

Notable bug fixes are:

  • rpm-ostree now will set the correct file capabilities by getting the actual xattr bytes: #4769
  • rpm-ostree (ostree-ext) now will not remove all environment variables: ostreedev/ostree-rs-ext#583. For example this can affect proxy configuration passed via environment variables.
Colin Walters (1):
      daemon: Add a bit more error prefixing

HuijingHei (1):
      test-misc-2.sh: update checking log

Jonathan Lebon (9):
      core: Don't touch /usr/local at assembly time
      app: Tweak tmpfiles.d integration entries for `/usr/local`
      app: Split out /var/{opt,usrlocal} tmpfiles.d entries in separate dropin
      ci/prow: temporarily stop composing with new rpm-ostree
      rust/lockfile: Drop unused imports
      libpriv: Stop digging in private libcap internals
      .github: add new issue template

Joseph Marrero (2):
      Update ostree-ext to 0.12.9
      Release 2024.2


TimothΓ©e Ravier (1):
      Cargo.toml: Exclude idna/tests for vendor tarball

Full Changelog: v2024.1...v2024.2

Assets 3

v2024.1

02 Jan 21:53
@cgwalters cgwalters
v2024.1
8f7adb2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v2024.1

This release fixes two regressions, one introduced in 2023.13
for upgrades with layered packages, and one for kernel
argument handling.

What's Changed

Full Changelog: v2023.12...v2024.1

Contributors

cgwalters, HuijingHei, and dependabot
Assets 3

Release 2023.12

18 Dec 20:23
@jmarrero jmarrero
v2023.12
6a61574
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2023.12

Notable bug fixes are:

  • rpm-ostree now will remove duplicate tmpfiles entries #4697
  • rpm-ostree now will properly prune container layers #4720
Colin Walters (9):
      tmpfiles: Add a unit test
      tmpfiles: Rename reader function
      tmpfiles: Change `read_tmpfiles` to return a direct hashmap
      tmpfiles: Collect into a BTreeMap for reproducibility
      tmpfiles: Drop intermediate re-allocation
      composepost: Support rootfs.transient=yes
      Ensure container image layers are pruned
      tmpfiles: Fix error contexts
      tmpfiles: Handle old caches

HuijingHei (4):
      rpm-ostree-0-integration.conf: remove `/var/lib` tmpfiles entry as it is duplicated in `var.conf`
      rpmostree-postprocess.cxx: remove `var/` in unified core mode
      utils.rs: remove duplicate tmpfiles entries
      tmpfiles.rs: minor update

Full Changelog: v2023.11...v2023.12

Assets 3

Release 2023.11

30 Nov 01:47
@jmarrero jmarrero
v2023.11
8dfc819
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Release 2023.11

This is a smaller release. Notable new features and bug fixes are:

  • rpm-ostree now supports adding generic container configs #4701
  • rpm-ostree now adds padding between dracut's initramfs and random CPIO #4683
Colin Walters (10):
      Update to ostree-ext 0.12.5
      daemon: Make one bit of C++ code compatible with f38+f39 clang-format
      ci/test-container: Drop modularity tests in F39
      ci/test-container: Update for f39
      Remove layering-modules test
      tests: Add f39 compatibility
      tests/container-build-integration: Use testing-devel
      tests: Skip tests that need the fix for https://github.com/systemd/systemd/issues/29275
      lib: Update ostree-ext
      compose: Add support for specifying image config

Hongxu Jia (2):
      correct bash completion
      src/app/libmain.cxx: correct output of rpm-ostree compose -h

Jonathan Lebon (6):
      tests/layering-fedorainfra: update bodhi/koji URLs for f39
      tests/libtest: drop BuildArch from spec file for test RPMs
      ci: bump vmcheck timeout to 1 hour
      ci: cancel previous build on PR update
      lockfile: add SRPM name in metadata field
      libpriv/kernel: Add padding between dracut initramfs and random CPIO

Joseph Marrero (1):
      Stop vendoring bootc

New Contributors

Full Changelog: v2023.10...v2023.11

Contributors

hongxu-jia
Assets 3

Release 2023.10

26 Oct 19:43
@cgwalters cgwalters
v2023.10
3060372
Compare
Choose a tag to compare
Release 2023.10

This is a re-release of 2023.9 with the correct version number.

This release has a variety of smaller fixes and cleanups, plus one new opt-in new feature to ensure the SELinux labels for /usr/etc are the same as /etc, which is important for enabling "transient etc" with ostree.

Full Changelog: v2023.8...v2023.9

Contributors

cgwalters, jmarrero, and 3 other contributors
Assets 3

Release 2023.8

27 Sep 21:11
@cgwalters cgwalters
v2023.8
d30d7f6
Compare
Choose a tag to compare
Release 2023.8

The biggest feature in this release is support for
rpm-ostree upgrade --check when using a container flow;
this should unblock GUI tools like Plasma Discover and gnome-software
which want to check for updates and prompt the user for downloads.

There's a variety of other smaller bugfixes and features and internal
cleanups.

Colin Walters (32):
      daemon/search: Fix memory leaks
      Bump to containers-image-proxy 0.5.5
      search: Fix a NULL ptr deref with zero terms
      packaging: Write to target/
      ci: Add autovendor flow
      sysroot: Silence clang-analyzer warning
      pkg-builtins: Add assertions to quiet clang-analyzer
      ci/autovendor: Make it work
      cxx: Regenerate
      install/uninstall: Error out with --enablerepo on booted host
      Update to ostree-ext 0.11.6
      Remove unreferenced container images in cleanup, not rebase
      core: Print total imported
      core: Include repo name in download error
      core: Add warning when we have pkgs to download in cache-only mode
      scripts: Also ignore kernel-64k scripts
      ci: Run cosa unprivileged
      docs: Add bootc
      Pin bootc to a git tag
      lib: Update to bootc 0.1.1 (ostree-ext 0.12, cap-std-ext 3.x)
      lockfile: Port away from deprecated chrono method
      composepost: Use O_TMPFILE, not memfd
      rust: Drop dependency on `memfd`
      compose-image: Add `--initialize-mode`
      Port a few things from nix to rustix
      gitmodules: Switch to github for libglnx
      container: Make `rpmostree.inputhash` optional
      Update to ostree-ext 0.12.1
      build-sys: Hard require ostree 2023.6
      core: Add composefs digest for local commits too
      Update to ostree-ext 0.12.2
      Release 2023.8

CoreOS Bot (1):
      Sync repo templates βš™

Jonathan Lebon (5):
      Cargo.toml: specify `nix` features to use
      core: Convert path to ostree convention when deleting
      tests/libvm.sh: Support `VMIMAGE` override
      tests/vmcheck: Add container-selinux hack in selinux override test
      libpriv/core: Tolerate rpmdb vs on-disk file type mismatch

Joseph Marrero (1):
      ci: update ignition on test-container test

Luke Yang (1):
      Add `container upgrade --check` function

dependabot[bot] (29):
      build(deps): bump openssl from 0.10.56 to 0.10.57
      build(deps): bump tokio from 1.29.1 to 1.32.0
      build(deps): bump camino from 1.1.4 to 1.1.6
      build(deps): bump serde_json from 1.0.104 to 1.0.105
      build(deps): bump rustix from 0.37.20 to 0.38.3
      build(deps): bump nix from 0.26.2 to 0.26.4
      build(deps): bump regex from 1.9.3 to 1.9.5
      build(deps): bump tempfile from 3.7.1 to 3.8.0
      build(deps): bump cxx-build from 1.0.105 to 1.0.107
      build(deps): bump libglnx from `c02eb59` to `54ad67d`
      build(deps): bump libc from 0.2.146 to 0.2.147
      build(deps): bump serde from 1.0.179 to 1.0.188
      build(deps): bump clap from 4.3.21 to 4.4.2
      build(deps): bump indicatif from 0.17.5 to 0.17.6
      build(deps): bump either from 1.8.1 to 1.9.0
      build(deps): bump chrono from 0.4.26 to 0.4.30
      build(deps): bump cxx from 1.0.105 to 1.0.107
      build(deps): bump libc from 0.2.147 to 0.2.148
      build(deps): bump rustix from 0.38.3 to 0.38.13
      build(deps): bump indoc from 2.0.3 to 2.0.4
      build(deps): bump nix from 0.26.4 to 0.27.1
      build(deps): bump anyhow from 1.0.71 to 1.0.75
      build(deps): bump libglnx from `54ad67d` to `aff1eea`
      build(deps): bump rustix from 0.38.13 to 0.38.14
      build(deps): bump serde_yaml from 0.9.21 to 0.9.25
      build(deps): bump clap from 4.4.2 to 4.4.4
      build(deps): bump rayon from 1.7.0 to 1.8.0
      build(deps): bump reqwest from 0.11.18 to 0.11.20
      build(deps): bump indicatif from 0.17.6 to 0.17.7
Assets 3