Module install

bootc_lib

Module install 

Source
Expand description

Β§Writing a container to a block device in a bootable way

This module supports installing a bootc-compatible image to a block device directly via the install verb, or to an externally set up filesystem via install to-filesystem.

Modules§

aleph πŸ”’
baseline πŸ”’
The baseline installer
completion πŸ”’
This module handles finishing/completion after an ostree-based install from e.g. Anaconda.
config πŸ”’
Configuration for bootc install
osbuild πŸ”’
Helper APIs for interacting with bootc-image-builder
osconfig πŸ”’

Structs§

InstallComposefsOpts πŸ”’
InstallConfigOpts πŸ”’
InstallPrintConfigurationOpts πŸ”’
InstallResetOpts πŸ”’
InstallSourceOpts πŸ”’
InstallTargetFilesystemOpts πŸ”’
Options for installing to a filesystem
InstallTargetOpts πŸ”’
InstallToDiskOpts πŸ”’
InstallToExistingRootOpts πŸ”’
InstallToFilesystemOpts πŸ”’
MountSpec πŸ”’
A mount specification is a subset of a line in /etc/fstab.
PostFetchState πŸ”’
RootMountInfo πŸ”’
RootSetup πŸ”’
SourceInfo πŸ”’
Global state captured from the container.
State πŸ”’

Enums§

BoundImages πŸ”’
BoundImagesOpt πŸ”’
Cleanup
ReplaceMode πŸ”’
SELinuxFinalState πŸ”’

Constants§

ALONGSIDE_ROOT_MOUNT πŸ”’
The default path for the host rootfs
ARCH_USES_EFI πŸ”’
BOOT πŸ”’
The toplevel boot directory
DEFAULT_REPO_CONFIG πŸ”’
DESTRUCTIVE_CLEANUP πŸ”’
Global flag to signal the booted system was provisioned via an alongside bootc install
EFIVARFS πŸ”’
The mount path for uefi
EFI_LOADER_INFO πŸ”’
LOST_AND_FOUND πŸ”’
This is an ext4 special directory we need to ignore.
OSTREE_COMPOSEFS_SUPER πŸ”’
The filename of the composefs EROFS superblock; TODO move this into ostree
RUN_BOOTC πŸ”’
Directory for transient runtime state
RW_KARG πŸ”’
Kernel argument used to specify we want the rootfs mounted read-write by default
SELINUXFS πŸ”’
The mount path for selinux

Functions§

check_disk_space πŸ”’
clean_boot_directories πŸ”’
exec_in_host_mountns πŸ”’
finalize_filesystem πŸ”’
Trim, flush outstanding writes, and freeze/thaw the target mounted filesystem; these steps prepare the filesystem for its first booted use.
find_root_args_to_inherit πŸ”’
Discover how to mount the root filesystem, using existing kernel arguments and information about the root mount.
initialize_ostree_root πŸ”’
install_container πŸ”’
install_finalize πŸ”’
Implementation of bootc install finalize.
install_reset πŸ”’
install_to_disk πŸ”’
Implementation of the bootc install to-disk CLI command.
install_to_existing_root πŸ”’
install_to_filesystem πŸ”’
Implementation of the bootc install to-filesystem CLI command.
install_to_filesystem_impl πŸ”’
install_with_sysroot πŸ”’
Given a baseline root filesystem with an ostree sysroot initialized:
installation_complete πŸ”’
ostree_install πŸ”’
prepare_install πŸ”’
Preparation for an install; validates and prepares some (thereafter immutable) global state.
print_configuration πŸ”’
read_boot_fstab_entry πŸ”’
Read the /boot entry from /etc/fstab, if it exists
reexecute_self_for_selinux_if_needed πŸ”’
If we detect that the target ostree commit has SELinux labels, and we aren’t passed an override to disable it, then ensure the running process is labeled with install_t so it can write arbitrary labels.
remove_all_except_loader_dirs πŸ”’
remove_all_in_dir_no_xdev πŸ”’
Remove all entries in a directory, but do not traverse across distinct devices. If mount_err is true, then an error is returned if a mount point is found; otherwise it is silently ignored.
require_boot_uuid πŸ”’
require_dir_contains_only_mounts πŸ”’
Require that a directory contains only mount points recursively. Returns Ok(()) if all entries in the directory tree are either:
require_empty_rootdir πŸ”’
require_host_pidns πŸ”’
A heuristic check that we were invoked with –pid=host
require_host_userns πŸ”’
Verify that we can access /proc/1, which will catch rootless podman (with –pid=host) for example.
run_in_host_mountns πŸ”’
Run a command in the host mount namespace
setup_sys_mount πŸ”’
By default, podman/docker etc. when passed --privileged mount /sys as read-only, but non-recursively. We selectively grab sub-filesystems that we need.
setup_tmp_mount πŸ”’
Ensure that /tmp is a tmpfs because in some cases we might perform operations which expect it (as it is on a proper host system). Ideally we have people run this container via podman run –read-only-tmpfs actually.
verify_target_fetch πŸ”’
Verify that we can load the manifest of the target image
warn_on_host_root πŸ”’