v2024.9

Notable changes

• deploy: Don't recompute verity checksums if not enabled by @cgwalters in #3326

This fixes a huge performance regression where we recomputed the fsverity checksum of all objects at deployment time for systems using composefs but not using fsverity.

• prepare-root: allow sysroot.readonly=true with kernel cmdline ro by @ruihe774 in #3316

Other changes

• Release 2024.8 by @cgwalters in #3309
• rust-bindings: Fix readthedocs.io link by @cgwalters in #3313
• curl: Add more assertions for curl return values by @cgwalters in #3311
• checkout: Add commentary around whiteout "quoting" by @cgwalters in #3317
• commit: Give a better error message for unhandled file type by @cgwalters in #3322
• deploy: Don't copy xattrs for devicetree by @cgwalters in #3323
• tests: Skip checking for immutable bit on composefs by @cgwalters in #3332
• tests: Work around GPG 2.2.45 error behaviour when revoking an expired key by @smcv in #3333
• checkout: Only verify digest if repo requires fsverity by @cgwalters in #3331
• prepare-root: Fix composefs docs by @cgwalters in #3334

New Contributors

• @ruihe774 made their first contribution in #3316

Full Changelog: v2024.8...v2024.9

v2024.8

There are two notable changes in this release.

First, this release adapts to a change in libcurl 8.10.1 that caused ostree to start crashing. There is ongoing debate as to whether the curl change here was right, but in any case the adaption required on our side was trivial and to emphasize - it's quite safe to cherry pick the relevant commit to prior ostree releases too.

Second, for the booted host side, we've changed the mount propagation setup. More details in

• switchroot: Stop making /sysroot mount private by @dbnicholson in #3292

Other than that there are a variety of more minor tweaks and fixes.

What's Changed

• repo: NUL terminate readlinkat result by @cgwalters in #3281
• deploy: Log to journal for boot space, not stderr by @cgwalters in #3282
• commit/payload-link: Ensure we don't overrun target_checksum size by @cgwalters in #3284
• sysroot: Make coverity happy with dirname+strdup by @cgwalters in #3283
• tests: Attempt to update auto-prune test by @cgwalters in #3285
• grub2: Show output when run in systemd by default by @cgwalters in #3290
• lib/traverse: Fix minor memory leak by @cgwalters in #3287
• github/workflows/tests: Update actions/upload-artifact to v4 by @travier in #3301
• Redo pages workflow by @dbnicholson in #3304
• spec: %autorelease can't be resolved by COPR by @HuijingHei in #3302
• bootloader/grub2: Handle empty static configs by @travier in #3300
• workflow/docs: Fix deployments by @dbnicholson in #3305
• curl: Assert that curl_multi_assign worked by @cgwalters in #3306
• curl: Make socket callback during cleanup into no-op by @cgwalters in #3307

Full Changelog: v2024.7...v2024.8

2024.7

A relatively minor release; this has a bugfix for "transient-etc" users, and a new ostree.prepare-root.composefs kernel option that allows dynamic overrides for the composefs state. There's also a new API to directly create a composefs from an ostree commit.

What's Changed

• docs: make /ostree/root.X clearer as symlinks by @ericcurtin in #3250
• docs: add webOS as users of libostree by @ericcurtin in #3249
• checkout: Add API to directly checkout composefs by @cgwalters in #3252
• prepare-root: Cleanup comments by @cgwalters in #3253
• docs: Describe /boot/ostree by @cgwalters in #3258
• ci: Add buildroot to c9s build by @cgwalters in #3259
• core: Validate that xattr names aren't empty by @cgwalters in #3261
• remount: ignore ENOENT error during SELinux relabeling by @ericcurtin in #3266
• Minor cleanup related to composefs by @ueno in #3268
• ci: Bump bootc e2e to latest ubuntu, drop docker by @cgwalters in #3270
• remount: Drop Before=systemd-sysusers.service by @cgwalters in #3269
• 2023.8-3 coverity scan by @lukewarmtemp in #3265
• sysroot: Use journal rather than printf() by @cgwalters in #3273
• libostree: Remove compatibility code with GLib < 2.44 by @ueno in #3275
• keyfile-utils: Add API to parse tristate strings by @cgwalters in #3276
• prepare-root: Add ostree.prepare-root.composefs by @cgwalters in #3277

New Contributors

• @ueno made their first contribution in #3268
• @lukewarmtemp made their first contribution in #3265

Full Changelog: v2024.6...v2024.7

v2024.6

This release brings us various bug fixes on top of enhancements to ci, docs and tests.
What's Changed:

Alexander Larsson (3):
      _ostree_ensure_fsverity: Properly check for errors
      prepare-root: Handle non-AB aboot properly
      Fix _ostree_ensure_fsverity reporting of supports in early exit

Colin Walters (12):
      configure: post-release version bump
      curl: Also map HTTP errors for retries
      sepolicy: Add missing `(nullable)`
      init-fs: Add --epoch
      init-fs: Add --epoch=2
      tests: Skip composefs tests without the feature
      ci: Drop `SKIP_INSTALLDEPS=1`
      Switch to external composefs
      ci: Only run clang-format on ubuntu-stable GH runner
      ci: Also skip if we detect /run/.containerenv
      sysroot: Handle `/ostree/deploy` having epoch 0
      docs: Describe offline updates with static deltas

Dan Nicholson (2):
      tests: Correctly skip single fsverity test
      repo: Make summary and signature mtime match

Eric Curtin (3):
      README & docs: Remove "RHIVOS" acronym
      docs: More accurate diagram in bootloaders documentation for aboot
      docs: Fix spelling and grammer

Jonathan Lebon (1):
      ostree-prepare-root.service: add OnFailureJobMode=isolate

Joseph Marrero (3):
      ostree-sysroot-deploy: check if deployments are in the same stateroot.
      Release 2024.6
      configure: post-release version bump

Full Changelog: v2024.5...v2024.6

v2024.5

What's Changed

• Release 2024.4 by @cgwalters in #3197
• docs: Move SPDX identifiers under first title by @travier in #3199
• sepolicy: Fix publicity mismatch for ostree_sepolicy_host_enabled by @cgwalters in #3196
• main: Ignore SIGPIPE when printing version by @dbnicholson in #3203
• otcore: Drop config load print by @cgwalters in #3204
• bootloader/grub2: Don't do anything if we have static configs by @cgwalters in #3205
• sysroot: Turn on bootloader-naming-2 by default by @cgwalters in #3206
• kargs: parse spaces in kargs input and keep quotes by @HuijingHei in #3208
• Ensure boot directory is open before accessing it for early pruning by @rborn-tx in #3213
• checkout: Always replace existing content with overlay mode by @cgwalters in #3214

Full Changelog: v2024.4...v2024.5

v2024.4

What's Changed

• Release 2024.3 by @cgwalters in #3172
• rofiles-fuse: Check fsverity flag for copyup by @cgwalters in #3175
• tests: Use long key IDs by @teythoon in #3178
• docs: Add webrick dependancy for building site locally by @ericcurtin in #3179
• tests: Use long key IDs, I found another one by @teythoon in #3180
• README: Add Red Hat In-Vehicle Operating System by @ericcurtin in #3181
• workflow/docs: Update to actions/checkout@v4 & dependabot: Update github-actions weekly by @travier in #3176
• test-admin-deploy-var: Don't rely on OSTREE_FEATURES by @smcv in #3184
• deploy: Don't fail if loading composefs configuration fails due to mi… by @alexlarsson in #3189
• ostree-prepare-root: Amend comment about shared mounts by @rborn-tx in #3186
• Docs fixes & SPDX identifiers uniformisation by @travier in #3185
• prepare-root: Disallow hotfixes if using signed composefs images by @alexlarsson in #3194
• generator: Fixes for Android Boot environment by @ericcurtin in #3192
• sysroot: Reword comment and use gboolean over bool, error handling by @ericcurtin in #3195

New Contributors

• @teythoon made their first contribution in #3178

Full Changelog: v2024.3...v2024.4

v2024.3

New features and notable changes

This release changes how /var works (again):

• sysroot: Rework /var handling to act like Docker VOLUME /var by @cgwalters in #3166
• Drop tmpfiles var by @cgwalters in #3168

The mount setup also had a semantic change for those enabling root.transient:

• prepare-root: Switch to a tmpfs for transient root by @cgwalters in #3173

Also related to prepare-root, it is now recommend to enable composefs by simply configuring ostree-prepare-root.conf and not the ex-integrity.composefs variable:

• deploy: Honor prepare-root.conf at deploy time for composefs by @cgwalters in #3165

Other changes

• prepare-root: Unify root.transient with composefs by @cgwalters in #3170
• Release by @cgwalters in #3160
• libostree: write selinux xattr when on non-selinux systems by @mvo5 in #3151
• ostree.repo-config(5): Fix a typo by @smcv in #3167
• Expose MOUNT_ATTR_IDMAP detection result to C code by @rborn-tx in #3169
• docs/atomic-rollbacks: Add a section on rollbacks by @ericcurtin in #3171
• Release 2024.3 by @cgwalters in #3172

New Contributors

• @mvo5 made their first contribution in #3151
• @rborn-tx made their first contribution in #3169

Full Changelog: v2024.2...v2024.3

2024.2

What's Changed

New features

The ostree admin pin command learned more human-consumable verbs:

• admin/pin: Add commands to pin booted, pending and rollbacks deployments by @ericcurtin in #3146
• generator: Exit if there's no /run/ostree by @cgwalters in #3147

Bugfixes

• deploy: Ignore sockets, fifos in /etc/ during merge by @yummypeng in #3143
• grub2-15_ostree: Graceful exit if /etc/default/grub doesn't exist by @travier in #3150
• Track deployment root/inode from prepare root by @cgwalters in #3164

Other changes

• Release 2024.1 by @cgwalters in #3141
• tests: Skip composefs test if /var/tmp does not support user xattrs by @smcv in #3145
• composefs: Bump composefs max version to 1 by @alexlarsson in #3149
• ci: Add a bootc/c9s workflow by @cgwalters in #3152
• syslinux: Avoid double /boot if bootprefix is enabled by @cgwalters in #3157
• admin/state-overlay: Require root and don't lock sysroot by @jlebon in #3158
• Enable sysroot.bootprefix by default by @cgwalters in #3156
• Revert "Enable sysroot.bootprefix by default" by @cgwalters in #3159

New Contributors

• @yummypeng made their first contribution in #3143

Full Changelog: v2024.1...v2024.2

2024.1

New features

There are two major new APIs around configuring mutability and persistence of the root filesystem.

First, OSTree gained support for a new root.transient flag that makes / an overlayfs that is persistent across reboots but not across upgrades. This makes the system behave a bit more similarly to e.g. Docker and following tools such as podman and Kubernetes.

• prepare-root: Add support for root.transient by @cgwalters in #3114
• Doc root transient by @cgwalters in #3117

There is a different approach in the (still classified as experimental) [email protected] unit:

• Add concept of state overlays by @jlebon in #3120

This approach instead allows operating systems or downstream builders to choose to apply persistent merge semantics to specific targeted directories (e.g. /opt).

Notable bugfixes

• prepare-root: Fix composefs + ostree admin unlock --hotfix compat by @cgwalters in #3129
• lib/deploy: Round to block size in early prune space check by @jlebon in #3130
• • status: Pass correct remote name when verifying by @cgwalters in #3131

Other misc changes

• Release 2023.8 by @cgwalters in #3111

• Update Torizon information by @leonheldattoradex in #3112

• doc: Add section about ostree and bootloaders by @jmarrero in #3116

• Link to gardenlinux/ostree-image-builder in README by @fwilhe in #3121

• deploy: Log calculated needed space by @cgwalters in #3123

• rust: Add missing feature versions by @cgwalters in #3124

• switchroot: Be explicit about what could cause /sysroot to be ro by @ericcurtin in #3125

• zipl: A few fixes by @cgwalters in #3119

• docs/composefs: Add note about toplevel dirs by @cgwalters in #3127

• switchroot: use shared constant for unlock --hotfix by @cgwalters in #3128

• status: Fix build without GPGME by @ericcurtin in #3132

• systemd/ostree-boot-complete: Start earlier by @cgwalters in #3133

• status: Introduce tool to quickly check if we are booted as default by @ericcurtin in #3134

• status: Rename query-booted to is-default by @ericcurtin in #3136

• doc: Add section about ostree and aboot by @ericcurtin in #3135

New Contributors

• @leonheldattoradex made their first contribution in #3112
• @fwilhe made their first contribution in #3121

Full Changelog: v2023.8...v2024.1

2023.8

This release stabilizes "deployment finalization locking" which
is very useful for automatic update workflows.

• sysroot: Stabilize deployment finalization, add API by @cgwalters in #3090

There's a new post-copy command which may be useful for build
systems that generate a filesystem tree outside of ostree:

• Add ostree admin post-copy command by @alexlarsson in #309

The commit logic started using reflinks (if available) which
can be a big speedup.

• commit: Try reflinks for local commits by default by @cgwalters in #3106

System root and bootloader:

• bootloader/zipl: Run in target deployment as container if needed by @cgwalters in #3104
• bootloader/zipl: No-op if run as non-root by @cgwalters in #3085
• lib/bootloader-zipl: Check for Secure Boot before zipl by @nikita-dubrovskii in #3080

Finally, ostree now ships a tmpfiles.d fragment which copies from /usr/share/factory/var to /var
by default:

• tmpfiles: Copy /usr/share/factory/var to /var by @cgwalters in #3103