diff --git a/Cargo.lock b/Cargo.lock index bee69e3f8..7744988cf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -165,7 +165,7 @@ dependencies = [ [[package]] name = "bootc-lib" -version = "1.1.3" +version = "1.1.4" dependencies = [ "anstream", "anstyle", diff --git a/docs/src/man/bootc-container-lint.md b/docs/src/man/bootc-container-lint.md index 810713e7b..e9c8f1ce9 100644 --- a/docs/src/man/bootc-container-lint.md +++ b/docs/src/man/bootc-container-lint.md @@ -23,4 +23,4 @@ part of a build process; it will error if any problems are detected. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-container.md b/docs/src/man/bootc-container.md index ef575c2af..7b8928c4d 100644 --- a/docs/src/man/bootc-container.md +++ b/docs/src/man/bootc-container.md @@ -30,4 +30,4 @@ bootc-container-help(8) # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-edit.md b/docs/src/man/bootc-edit.md index 0b5fdd08d..41b257481 100644 --- a/docs/src/man/bootc-edit.md +++ b/docs/src/man/bootc-edit.md @@ -36,4 +36,4 @@ Only changes to the \`spec\` section are honored. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install-ensure-completion.md b/docs/src/man/bootc-install-ensure-completion.md index 7a58d2011..f532c2541 100644 --- a/docs/src/man/bootc-install-ensure-completion.md +++ b/docs/src/man/bootc-install-ensure-completion.md @@ -27,4 +27,4 @@ your code is using \`bootc install to-filesystem\` from the start. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install-print-configuration.md b/docs/src/man/bootc-install-print-configuration.md index 09c5f24ba..bfa266c82 100644 --- a/docs/src/man/bootc-install-print-configuration.md +++ b/docs/src/man/bootc-install-print-configuration.md @@ -27,4 +27,4 @@ string-valued filesystem name suitable for passing to \`mkfs.\$type\`. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install-to-disk.md b/docs/src/man/bootc-install-to-disk.md index a5e53d8e0..ddd5ad05b 100644 --- a/docs/src/man/bootc-install-to-disk.md +++ b/docs/src/man/bootc-install-to-disk.md @@ -36,35 +36,36 @@ more complex such as RAID, LVM, LUKS etc. : Target root block device setup. -direct: Filesystem written directly to block device tpm2-luks: Bind -unlock of filesystem to presence of the default tpm2 device.\ + direct: Filesystem written directly to block device tpm2-luks: Bind + unlock of filesystem to presence of the default tpm2 device.\ -\ -\[*possible values: *direct, tpm2-luks\] + \ + \[*possible values: *direct, tpm2-luks\] **\--filesystem**=*FILESYSTEM* : Target root filesystem type\ -\ -\[*possible values: *xfs, ext4, btrfs\] + \ + \[*possible values: *xfs, ext4, btrfs\] **\--root-size**=*ROOT_SIZE* : Size of the root partition (default specifier: M). Allowed specifiers: M (mebibytes), G (gibibytes), T (tebibytes). -By default, all remaining space on the disk will be used. + By default, all remaining space on the disk will be used. **\--source-imgref**=*SOURCE_IMGREF* : Install the system from an explicitly given source. -By default, bootc install and install-to-filesystem assumes that it runs -in a podman container, and it takes the container image to install from -the podmans container registry. If \--source-imgref is given, bootc uses -it as the installation source, instead of the behaviour explained in the -previous paragraph. See skopeo(1) for accepted formats. + By default, bootc install and install-to-filesystem assumes that it + runs in a podman container, and it takes the container image to + install from the podmans container registry. If \--source-imgref is + given, bootc uses it as the installation source, instead of the + behaviour explained in the previous paragraph. See skopeo(1) for + accepted formats. **\--target-transport**=*TARGET_TRANSPORT* \[default: registry\] @@ -93,55 +94,56 @@ previous paragraph. See skopeo(1) for accepted formats. suppresses the check; use this when you know the issues it might find are addressed. -A common reason this may fail is when one is using an image which -requires registry authentication, but not embedding the pull secret in -the image so that updates can be fetched by the installed OS \"day 2\". + A common reason this may fail is when one is using an image which + requires registry authentication, but not embedding the pull secret + in the image so that updates can be fetched by the installed OS + \"day 2\". **\--disable-selinux** : Disable SELinux in the target (installed) system. -This is currently necessary to install \*from\* a system with SELinux -disabled but where the target does have SELinux enabled. + This is currently necessary to install \*from\* a system with + SELinux disabled but where the target does have SELinux enabled. **\--karg**=*KARG* : Add a kernel argument. This option can be provided multiple times. -Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 + Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 **\--root-ssh-authorized-keys**=*ROOT_SSH_AUTHORIZED_KEYS* : The path to an \`authorized_keys\` that will be injected into the \`root\` account. -The implementation of this uses systemd \`tmpfiles.d\`, writing to a -file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have the -effect that by default, the SSH credentials will be set if not present. -The intention behind this is to allow mounting the whole \`/root\` home -directory as a \`tmpfs\`, while still getting the SSH key replaced on -boot. + The implementation of this uses systemd \`tmpfiles.d\`, writing to a + file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have + the effect that by default, the SSH credentials will be set if not + present. The intention behind this is to allow mounting the whole + \`/root\` home directory as a \`tmpfs\`, while still getting the SSH + key replaced on boot. **\--generic-image** : Perform configuration changes suitable for a \"generic\" disk image. At the moment: -\- All bootloader types will be installed - Changes to the system -firmware will be skipped + \- All bootloader types will be installed - Changes to the system + firmware will be skipped **\--bound-images**=*BOUND_IMAGES* \[default: stored\] : How should logically bound images be retrieved\ -\ -*Possible values:* + \ + *Possible values:* -> - stored: Bound images must exist in the sources root container -> storage (default) -> -> - pull: Bound images will be pulled and stored directly in the -> targets bootc container storage + - stored: Bound images must exist in the sources root container + storage (default) + + - pull: Bound images will be pulled and stored directly in the + targets bootc container storage **\--stateroot**=*STATEROOT* @@ -162,4 +164,4 @@ firmware will be skipped # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install-to-existing-root.md b/docs/src/man/bootc-install-to-existing-root.md index 6486890c0..ee5607104 100644 --- a/docs/src/man/bootc-install-to-existing-root.md +++ b/docs/src/man/bootc-install-to-existing-root.md @@ -30,27 +30,28 @@ cleaned up if desired when rebooted into the new root. : Configure how existing data is treated\ -\ -*Possible values:* - -> - wipe: Completely wipe the contents of the target filesystem. This -> cannot be done if the target filesystem is the one the system is -> booted from -> -> - alongside: This is a destructive operation in the sense that the -> bootloader state will have its contents wiped and replaced. -> However, the running system (and all files) will remain in place -> until reboot + \ + *Possible values:* + + - wipe: Completely wipe the contents of the target filesystem. + This cannot be done if the target filesystem is the one the + system is booted from + + - alongside: This is a destructive operation in the sense that the + bootloader state will have its contents wiped and replaced. + However, the running system (and all files) will remain in place + until reboot **\--source-imgref**=*SOURCE_IMGREF* : Install the system from an explicitly given source. -By default, bootc install and install-to-filesystem assumes that it runs -in a podman container, and it takes the container image to install from -the podmans container registry. If \--source-imgref is given, bootc uses -it as the installation source, instead of the behaviour explained in the -previous paragraph. See skopeo(1) for accepted formats. + By default, bootc install and install-to-filesystem assumes that it + runs in a podman container, and it takes the container image to + install from the podmans container registry. If \--source-imgref is + given, bootc uses it as the installation source, instead of the + behaviour explained in the previous paragraph. See skopeo(1) for + accepted formats. **\--target-transport**=*TARGET_TRANSPORT* \[default: registry\] @@ -79,55 +80,56 @@ previous paragraph. See skopeo(1) for accepted formats. suppresses the check; use this when you know the issues it might find are addressed. -A common reason this may fail is when one is using an image which -requires registry authentication, but not embedding the pull secret in -the image so that updates can be fetched by the installed OS \"day 2\". + A common reason this may fail is when one is using an image which + requires registry authentication, but not embedding the pull secret + in the image so that updates can be fetched by the installed OS + \"day 2\". **\--disable-selinux** : Disable SELinux in the target (installed) system. -This is currently necessary to install \*from\* a system with SELinux -disabled but where the target does have SELinux enabled. + This is currently necessary to install \*from\* a system with + SELinux disabled but where the target does have SELinux enabled. **\--karg**=*KARG* : Add a kernel argument. This option can be provided multiple times. -Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 + Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 **\--root-ssh-authorized-keys**=*ROOT_SSH_AUTHORIZED_KEYS* : The path to an \`authorized_keys\` that will be injected into the \`root\` account. -The implementation of this uses systemd \`tmpfiles.d\`, writing to a -file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have the -effect that by default, the SSH credentials will be set if not present. -The intention behind this is to allow mounting the whole \`/root\` home -directory as a \`tmpfs\`, while still getting the SSH key replaced on -boot. + The implementation of this uses systemd \`tmpfiles.d\`, writing to a + file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have + the effect that by default, the SSH credentials will be set if not + present. The intention behind this is to allow mounting the whole + \`/root\` home directory as a \`tmpfs\`, while still getting the SSH + key replaced on boot. **\--generic-image** : Perform configuration changes suitable for a \"generic\" disk image. At the moment: -\- All bootloader types will be installed - Changes to the system -firmware will be skipped + \- All bootloader types will be installed - Changes to the system + firmware will be skipped **\--bound-images**=*BOUND_IMAGES* \[default: stored\] : How should logically bound images be retrieved\ -\ -*Possible values:* + \ + *Possible values:* + + - stored: Bound images must exist in the sources root container + storage (default) -> - stored: Bound images must exist in the sources root container -> storage (default) -> -> - pull: Bound images will be pulled and stored directly in the -> targets bootc container storage + - pull: Bound images will be pulled and stored directly in the + targets bootc container storage **\--stateroot**=*STATEROOT* @@ -149,4 +151,4 @@ firmware will be skipped # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install-to-filesystem.md b/docs/src/man/bootc-install-to-filesystem.md index 71489f95f..59b900465 100644 --- a/docs/src/man/bootc-install-to-filesystem.md +++ b/docs/src/man/bootc-install-to-filesystem.md @@ -32,14 +32,14 @@ is currently expected to be empty by default. : Source device specification for the root filesystem. For example, UUID=2e9f4241-229b-4202-8429-62d2302382e1 -If not provided, the UUID of the target filesystem will be used. + If not provided, the UUID of the target filesystem will be used. **\--boot-mount-spec**=*BOOT_MOUNT_SPEC* : Mount specification for the /boot filesystem. -This is optional. If \`/boot\` is detected as a mounted partition, then -its UUID will be used. + This is optional. If \`/boot\` is detected as a mounted partition, + then its UUID will be used. **\--replace**=*REPLACE* @@ -47,17 +47,17 @@ its UUID will be used. this is implemented. In the future, it may also be supported to set up an explicit \"dual boot\" system\ -\ -*Possible values:* + \ + *Possible values:* -> - wipe: Completely wipe the contents of the target filesystem. This -> cannot be done if the target filesystem is the one the system is -> booted from -> -> - alongside: This is a destructive operation in the sense that the -> bootloader state will have its contents wiped and replaced. -> However, the running system (and all files) will remain in place -> until reboot + - wipe: Completely wipe the contents of the target filesystem. + This cannot be done if the target filesystem is the one the + system is booted from + + - alongside: This is a destructive operation in the sense that the + bootloader state will have its contents wiped and replaced. + However, the running system (and all files) will remain in place + until reboot **\--acknowledge-destructive** @@ -75,11 +75,12 @@ its UUID will be used. : Install the system from an explicitly given source. -By default, bootc install and install-to-filesystem assumes that it runs -in a podman container, and it takes the container image to install from -the podmans container registry. If \--source-imgref is given, bootc uses -it as the installation source, instead of the behaviour explained in the -previous paragraph. See skopeo(1) for accepted formats. + By default, bootc install and install-to-filesystem assumes that it + runs in a podman container, and it takes the container image to + install from the podmans container registry. If \--source-imgref is + given, bootc uses it as the installation source, instead of the + behaviour explained in the previous paragraph. See skopeo(1) for + accepted formats. **\--target-transport**=*TARGET_TRANSPORT* \[default: registry\] @@ -108,55 +109,56 @@ previous paragraph. See skopeo(1) for accepted formats. suppresses the check; use this when you know the issues it might find are addressed. -A common reason this may fail is when one is using an image which -requires registry authentication, but not embedding the pull secret in -the image so that updates can be fetched by the installed OS \"day 2\". + A common reason this may fail is when one is using an image which + requires registry authentication, but not embedding the pull secret + in the image so that updates can be fetched by the installed OS + \"day 2\". **\--disable-selinux** : Disable SELinux in the target (installed) system. -This is currently necessary to install \*from\* a system with SELinux -disabled but where the target does have SELinux enabled. + This is currently necessary to install \*from\* a system with + SELinux disabled but where the target does have SELinux enabled. **\--karg**=*KARG* : Add a kernel argument. This option can be provided multiple times. -Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 + Example: \--karg=nosmt \--karg=console=ttyS0,114800n8 **\--root-ssh-authorized-keys**=*ROOT_SSH_AUTHORIZED_KEYS* : The path to an \`authorized_keys\` that will be injected into the \`root\` account. -The implementation of this uses systemd \`tmpfiles.d\`, writing to a -file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have the -effect that by default, the SSH credentials will be set if not present. -The intention behind this is to allow mounting the whole \`/root\` home -directory as a \`tmpfs\`, while still getting the SSH key replaced on -boot. + The implementation of this uses systemd \`tmpfiles.d\`, writing to a + file named \`/etc/tmpfiles.d/bootc-root-ssh.conf\`. This will have + the effect that by default, the SSH credentials will be set if not + present. The intention behind this is to allow mounting the whole + \`/root\` home directory as a \`tmpfs\`, while still getting the SSH + key replaced on boot. **\--generic-image** : Perform configuration changes suitable for a \"generic\" disk image. At the moment: -\- All bootloader types will be installed - Changes to the system -firmware will be skipped + \- All bootloader types will be installed - Changes to the system + firmware will be skipped **\--bound-images**=*BOUND_IMAGES* \[default: stored\] : How should logically bound images be retrieved\ -\ -*Possible values:* + \ + *Possible values:* + + - stored: Bound images must exist in the sources root container + storage (default) -> - stored: Bound images must exist in the sources root container -> storage (default) -> -> - pull: Bound images will be pulled and stored directly in the -> targets bootc container storage + - pull: Bound images will be pulled and stored directly in the + targets bootc container storage **\--stateroot**=*STATEROOT* @@ -170,9 +172,9 @@ firmware will be skipped : Path to the mounted root filesystem. -By default, the filesystem UUID will be discovered and used for -mounting. To override this, use \`\--root-mount-spec\`. + By default, the filesystem UUID will be discovered and used for + mounting. To override this, use \`\--root-mount-spec\`. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-install.md b/docs/src/man/bootc-install.md index 29944de87..bffa66ba4 100644 --- a/docs/src/man/bootc-install.md +++ b/docs/src/man/bootc-install.md @@ -10,7 +10,7 @@ bootc-install - Install the running container to a target Install the running container to a target. -## Understanding installations +\## Understanding installations OCI containers are effectively layers of tarballs with JSON for metadata; they cannot be booted directly. The \`bootc install\` flow is @@ -66,4 +66,4 @@ bootc-install-help(8) # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-rollback.md b/docs/src/man/bootc-rollback.md index e6e09baa0..35d5a0817 100644 --- a/docs/src/man/bootc-rollback.md +++ b/docs/src/man/bootc-rollback.md @@ -34,4 +34,4 @@ rollback invocation. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-status.md b/docs/src/man/bootc-status.md index 21f5b944e..bf95ce209 100644 --- a/docs/src/man/bootc-status.md +++ b/docs/src/man/bootc-status.md @@ -16,13 +16,13 @@ bootc system state. If standard output is not a terminal, output a YAML-formatted object using a schema intended to match a Kubernetes resource that describes the state of the booted system. -## Parsing output via programs +\## Parsing output via programs Either the default YAML format or \`\--format=json\` can be used. Do not attempt to explicitly parse the output of \`\--format=humanreadable\` as it will very likely change over time. -## Programmatically detecting whether the system is deployed via bootc +\## Programmatically detecting whether the system is deployed via bootc Invoke e.g. \`bootc status \--json\`, and check if \`status.booted\` is not \`null\`. @@ -33,14 +33,14 @@ not \`null\`. : The output format\ -\ -*Possible values:* + \ + *Possible values:* -> - humanreadable: Output in Human Readable format -> -> - yaml: Output in YAML format -> -> - json: Output in JSON format + - humanreadable: Output in Human Readable format + + - yaml: Output in YAML format + + - json: Output in JSON format **\--format-version**=*FORMAT_VERSION* @@ -59,4 +59,4 @@ not \`null\`. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-switch.md b/docs/src/man/bootc-switch.md index cf50adb15..cd93c4704 100644 --- a/docs/src/man/bootc-switch.md +++ b/docs/src/man/bootc-switch.md @@ -15,7 +15,7 @@ Target a new container image reference to boot. This is almost exactly the same operation as \`upgrade\`, but additionally changes the container image reference instead. -## Usage +\## Usage A common pattern is to have a management agent control operating system updates via container image tags; for example, @@ -34,9 +34,9 @@ updates via container image tags; for example, : Restart or reboot into the new target image. -Currently, this option always reboots. In the future this command will -detect the case where no kernel changes are queued, and perform a -userspace-only restart. + Currently, this option always reboots. In the future this command + will detect the case where no kernel changes are queued, and perform + a userspace-only restart. **\--transport**=*TRANSPORT* \[default: registry\] @@ -48,8 +48,8 @@ userspace-only restart. : This is the inverse of the previous \`\--target-no-signature-verification\` (which is now a no-op). -Enabling this option enforces that \`/etc/containers/policy.json\` -includes a default policy which requires signatures. + Enabling this option enforces that \`/etc/containers/policy.json\` + includes a default policy which requires signatures. **\--ostree-remote**=*OSTREE_REMOTE* @@ -69,4 +69,4 @@ includes a default policy which requires signatures. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-upgrade.md b/docs/src/man/bootc-upgrade.md index 9e5da0155..86d4b8044 100644 --- a/docs/src/man/bootc-upgrade.md +++ b/docs/src/man/bootc-upgrade.md @@ -35,16 +35,17 @@ the update in addition. : Check if an update is available without applying it. -This only downloads an updated manifest and image configuration (i.e. -typically kilobyte-sized metadata) as opposed to the image layers. + This only downloads an updated manifest and image configuration + (i.e. typically kilobyte-sized metadata) as opposed to the image + layers. **\--apply** : Restart or reboot into the new target image. -Currently, this option always reboots. In the future this command will -detect the case where no kernel changes are queued, and perform a -userspace-only restart. + Currently, this option always reboots. In the future this command + will detect the case where no kernel changes are queued, and perform + a userspace-only restart. **-h**, **\--help** @@ -52,4 +53,4 @@ userspace-only restart. # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc-usr-overlay.md b/docs/src/man/bootc-usr-overlay.md index 576d5d475..f8b19e4fd 100644 --- a/docs/src/man/bootc-usr-overlay.md +++ b/docs/src/man/bootc-usr-overlay.md @@ -12,20 +12,20 @@ will be discarded on reboot Adds a transient writable overlayfs on \`/usr\` that will be discarded on reboot. -## Use cases +\## Use cases A common pattern is wanting to use tracing/debugging tools, such as \`strace\` that may not be in the base image. A system package manager such as \`apt\` or \`dnf\` can apply changes into this transient overlay that will be discarded on reboot. -## /etc and /var +\## /etc and /var However, this command has no effect on \`/etc\` and \`/var\` - changes written there will persist. It is common for package installations to modify these directories. -## Unmounting +\## Unmounting Almost always, a system process will hold a reference to the open mount point. You can however invoke \`umount -l /usr\` to perform a \"lazy @@ -39,4 +39,4 @@ unmount\". # VERSION -v1.1.3 +v1.1.4 diff --git a/docs/src/man/bootc.md b/docs/src/man/bootc.md index bb69cff84..87ecf9307 100644 --- a/docs/src/man/bootc.md +++ b/docs/src/man/bootc.md @@ -72,4 +72,4 @@ bootc-help(8) # VERSION -v1.1.3 +v1.1.4 diff --git a/lib/Cargo.toml b/lib/Cargo.toml index 9ccee100b..decdfce87 100644 --- a/lib/Cargo.toml +++ b/lib/Cargo.toml @@ -5,7 +5,7 @@ license = "MIT OR Apache-2.0" name = "bootc-lib" readme = "README.md" repository = "https://github.com/containers/bootc" -version = "1.1.3" +version = "1.1.4" # For now don't bump this above what is currently shipped in RHEL9; # also keep in sync with the version in cli. rust-version = "1.75.0"