particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
No description
1259 commits 2 branches 0 tags 60 MiB
Find a file
Christian Kellner 3d27b301a2 stages/oci-archive: do not include selinux labels 
Instead of including SELinux labels for the content layers via the
`--selinux` tar option, make sure selinux labels are not included by
using the `--no-selinux` option.
The inclusion of the labels was a mistake, since they should be
determined by the target system because selinux labels are not
namespaced. On RHEL/Fedora the SELinux label used is something like
`system_u:object_r:container_ro_file_t:s0` for all the files in the
container.
Including the label was leading to permission problems because
the files had a different label on the host and programs inside
the container get `EACCES`, i.e. Permission denied, errors when
accessing files with the different label.
Interestingly this does not happen on Fedora 33 but only on RHEL.
One possibility is that the overlayfs kernel driver in RHEL is
behaving differently on RHEL than on Fedora.
2021-03-02 17:37:45 +01:00
.devcontainer devcontainer: support for vs code devcontainer 2021-01-21 19:24:25 +01:00
.github ci: convert to new immutable ci images 2021-02-19 11:02:17 +01:00
assemblers stages/oci-archive: do not include selinux labels 2021-03-02 17:37:45 +01:00
docs Docs: Document --inspect option in the man page 2021-01-17 13:07:14 +01:00
inputs inputs: add noop input for testing 2021-02-12 15:55:43 +01:00
osbuild utils/lorax: add lorax template related helpers 2021-02-19 14:42:32 +00:00
runners runners: add CentOS 8 runner 2020-12-09 11:50:48 +01:00
samples stages/noop: fix the schema to allow any props 2020-07-16 19:02:25 +02:00
schemas schema: add version 2 manifest schema 2021-02-12 15:55:43 +01:00
schutzbot schutzbot/mock: fix centos stream 8 build 2021-03-02 09:24:54 +00:00
selinux selinux: allow nnp and nosuid transitions 2020-08-10 14:05:24 +02:00
sources sources: rename org.osbuild.{files -> curl} 2021-02-12 19:27:08 +01:00
stages stages/oci-archive: do not include selinux labels 2021-03-02 17:37:45 +01:00
test test/ostree: add installer test 2021-02-19 14:42:32 +00:00
tools tools: use dnf filtering in lorax-template helper 2021-03-01 16:18:50 +01:00
.editorconfig editorconfig: include markdown specifications 2020-10-23 16:29:50 +02:00
.gitignore test: add coverity targets to the Makefile 2020-06-24 10:01:24 +02:00
.pylintrc pylint: increase max attributes to 10 2020-07-21 13:25:04 +02:00
.travis.yml ci: move test_boot to github-actions 2020-05-13 22:00:27 +02:00
LICENSE Revert "Fill in the license template" 2019-11-18 12:23:10 +01:00
Makefile test: start a new ostree integration test suite 2021-02-12 15:55:43 +01:00
NEWS.md NEWS: small typo fixes 2021-02-22 18:16:40 +01:00
osbuild.spec 26 2021-02-19 20:44:20 +00:00
README.md Makefile: use pytest for nicer output 2020-12-04 18:24:48 +01:00
requirements.txt Makefile: use pytest for nicer output 2020-12-04 18:24:48 +01:00
setup.py 26 2021-02-19 20:44:20 +00:00

README.md

OSBuild

Build-Pipelines for Operating System Artifacts

OSBuild is a pipeline-based build system for operating system artifacts. It defines a universal pipeline description and a build system to execute them, producing artifacts like operating system images, working towards an image build pipeline that is more comprehensible, reproducible, and extendable.

See the osbuild(1) man-page for details on how to run osbuild, the definition of the pipeline description, and more.

Project

Requirements

The requirements for this project are:

  • bubblewrap >= 0.4.0
  • python >= 3.7

Additionally, the built-in stages require:

  • bash >= 5.0
  • coreutils >= 8.31
  • curl >= 7.68
  • qemu-img >= 4.2.0
  • rpm >= 4.15
  • tar >= 1.32
  • util-linux >= 235

At build-time, the following software is required:

  • python-docutils >= 0.13
  • pkg-config >= 0.29

Testing requires additional software:

  • pytest

Build

The standard python package system is used. Consult upstream documentation for detailed help. In most situations the following commands are sufficient to build and install from source:

python setup.py build
python setup.py install --skip-build --root=/

The man-pages require python-docutils and can be built via:

rst2man docs/<input-file>.rst <output-file>

Repository:

License:

  • Apache-2.0
  • See LICENSE file for details.