From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id E43002918; Tue, 25 Nov 2025 12:23:06 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 993) id A7048287E; Tue, 25 Nov 2025 12:23:03 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,DMARC_MISSING,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=4.0.1 Received: from fout-a8-smtp.messagingengine.com (fout-a8-smtp.messagingengine.com [103.168.172.151]) by atuin.qyliss.net (Postfix) with ESMTPS id 44D1C28BF for ; Tue, 25 Nov 2025 12:23:02 +0000 (UTC) Received: from phl-compute-02.internal (phl-compute-02.internal [10.202.2.42]) by mailfout.phl.internal (Postfix) with ESMTP id DE034EC0218; Tue, 25 Nov 2025 07:22:59 -0500 (EST) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-02.internal (MEProxy); Tue, 25 Nov 2025 07:22:59 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alyssa.is; h=cc :cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm2; t=1764073379; x=1764159779; bh=H1VVCJzN/p +twLLSJHZ4by7dnhg4LjVX6PoS9xeQV5k=; b=EASzAmKVTDFVUPawCz3t5W3KyR iu+N1l7WG1st078L4evlIoXlhN5+LUOLWyVejgllHWmLlkLiGbKAkE2QiAnM2heC D8NqyJvteaa1/G5t/zalQuWiET4uLlsQI11FEn4N0c6jzm3XrTMMGH3U/oZ6zDeY PiItmnqDjSew9WMt+DGYS7ZM/UIJINDexRFB/kwpgPPcTIqgTJ9WTTXra89T0gAk 7490j0yuJUwVFCJu6mX3UJMqc7sccewBVUJrR2aoB7fc8NnEnajEUWIhxpWDPX8i gcKGWIm5acBhONZUzqsuGeKwoPJCXRNLLMlEN5x9Oovxd4JkKk4aDN/40+ng== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t= 1764073379; x=1764159779; bh=H1VVCJzN/p+twLLSJHZ4by7dnhg4LjVX6Po S9xeQV5k=; b=05rk/FkoSSpPkFaKMpTOxGx7JbfVCc38hPxRCC17iFJSLH86n0+ o6+Pwuho84L8pfhYTs7L52qE99wDbMJ/29YuDYGJbzBcRVtpHkoMm7ESC1YD6RN4 TCCWOodDiyPeoyzp+7IuD/Y1m5VfUP3hwziCY1UDjpBuGlQgXnmfYFjaJqsYEO/u 7yoWjyHQvoj3+M93vJgK9QJSx94PLZjy0B+myNvoX1WueNXt4MJ2+FDbd9kpWBvU H13mXHB41QyLof8MZqdFB+eR/mj42iZ5/O0zTM+nA57jKyEtBOgAbe2N3eVFGDgU 2fW1a6q72LgMq8vv8+xIAPrZWLFa45QMrjQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdeggddvgedugeeiucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf gurhephffvvefujghffffkgggtsehgtderredttdejnecuhfhrohhmpeetlhihshhsrgcu tfhoshhsuceohhhisegrlhihshhsrgdrihhsqeenucggtffrrghtthgvrhhnpedtiefgue ejffeivdekffdtkefhkeetvdetveejhefhfffgueeijeefffekueevtdenucffohhmrghi nhepshhpvggtthhruhhmqdhoshdrohhrghdptghfghdrihhnnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomhephhhisegrlhihshhsrgdrihhspdhn sggprhgtphhtthhopedvpdhmohguvgepshhmthhpohhuthdprhgtphhtthhopeguvghmih hosggvnhhouhhrsehgmhgrihhlrdgtohhmpdhrtghpthhtohepuggvvhgvlhesshhpvggt thhruhhmqdhoshdrohhrgh X-ME-Proxy: Feedback-ID: i12284293:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 25 Nov 2025 07:22:59 -0500 (EST) Received: by mbp.qyliss.net (Postfix, from userid 1000) id 049446AE3AF2; Tue, 25 Nov 2025 13:22:48 +0100 (CET) From: Alyssa Ross To: Demi Marie Obenour Subject: Re: [PATCH v4 00/14] System updates based on systemd-sysupdate In-Reply-To: <20251121-updates-v4-0-d4561c42776e@gmail.com> References: <20251119-updates-v3-0-b88a99915509@gmail.com> <20251121-updates-v4-0-d4561c42776e@gmail.com> Date: Tue, 25 Nov 2025 13:22:06 +0100 Message-ID: <87ms4awbdd.fsf@alyssa.is> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Message-ID-Hash: CZNVWFRNGZHUTEQIIM7CLR64F7L7DFYY X-Message-ID-Hash: CZNVWFRNGZHUTEQIIM7CLR64F7L7DFYY X-MailFrom: hi@alyssa.is X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-devel.spectrum-os.org-0; header-match-devel.spectrum-os.org-1; header-match-devel.spectrum-os.org-2; header-match-devel.spectrum-os.org-3; header-match-devel.spectrum-os.org-4; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Spectrum OS Development X-Mailman-Version: 3.3.9 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Demi Marie Obenour writes: > This implements updates via systemd-sysupdate. See individual commit > messages for details. > > There are major changes to the image build process. > > Signed-off-by: Demi Marie Obenour > --- > Changes in v4: > - Fix build errors in intermediate patches. > - Apply suggestions from code review. > - Link to v3: https://spectrum-os.org/lists/archives/spectrum-devel/20251= 119-updates-v3-0-b88a99915509@gmail.com > > Changes in v3: > - See individual commits for details. There are too many to mention > here. > - Link to v2: https://spectrum-os.org/lists/archives/spectrum-devel/20251= 112-updates-v2-0-88d96bf81b79@gmail.com > > Changes in v2: > - updates-dir-check: > - Do not check that there is a SHA256SUMS or SHA256SUMS.gpg file in the > update directory. systemd-sysupdate will fail if it cannot find a > manifest or its signature. > - Follow symlinks in opening the directory. The path is from a > trusted source and will always point to a BTRFS snapshot, never a > symlink. The only exception is the last component, which is still > checked to not be a symlink. > - VM: > - Link SHA256SUMS.sha256.asc to SHA256SUMS.gpg. Recent > systemd-sysupdate seems to use the former name. > - Get update URL from host. > - Use an execline script instead of a shell script. > - Update script: > - Unmount shared directory if already mounted. This avoids errors > when mounting it again. > - Delete old snapshot if present. > - Provide the VM information with a different directory layout. > - Do not bind-mount the information passed into the VM into the shared > VM folder. Instead rely on this folder being read-only to the > guest. This is enforced by a read-only bind mount in virtiofs's > mount namespace. > - Testing: > - Lots of manual update testing. > - Disable the test for the live image as it doesn't work anymore. > - Nix: > - Move validation to a separate low-priority patch. > - Documentation: > - Document that updating the system is now possible. > - Installer: > - Remove the "Try Spectrum" button. > > - Link to v1: https://spectrum-os.org/lists/archives/spectrum-devel/20251= 029-updates-v1-0-401c1be2a11b@gmail.com > > --- > Demi Marie Obenour (14): > host/rootfs: Install all programs from util-linuxMinimal > host/rootfs: Install systemd-pull > tools: Add directory checker for updates > scripts: port make-gpt.sh to bash > scripts/make-gpt.sh: Allow specifying partition size > Support generating multiple partition UUIDs > scripts: Use shell expansion to get partition path > release: Compress installation images and remove live image > Use OS version to set partition labels and UKI name > Add B partitions to installation images > release: Create directory with system update > Support updates via systemd-sysupdate > Documentation: Update support > Validate configuration parameters > > Documentation/development/build-configuration.adoc | 13 ++ > Documentation/installation/getting-spectrum.adoc | 56 +++++++-- > Documentation/installation/index.adoc | 4 +- > Documentation/using-spectrum/index.adoc | 2 + > Documentation/using-spectrum/updates.adoc | 30 +++++ > host/efi.nix | 2 +- > host/initramfs/Makefile | 18 +-- > host/initramfs/etc/probe | 20 --- > host/initramfs/shell.nix | 2 + > host/rootfs/Makefile | 27 ++++- > host/rootfs/busybox-config | 134 +++++++++++++++= ++++++ > host/rootfs/busybox-config.license | 4 + > host/rootfs/default.nix | 92 +++++++++----- > host/rootfs/file-list.mk | 7 ++ > host/rootfs/image/etc/fstab | 1 + > .../image/etc/sysupdate.d/50-verity.transfer | 20 +++ > host/rootfs/image/etc/sysupdate.d/60-root.transfer | 20 +++ > .../image/etc/sysupdate.d/70-kernel.transfer | 20 +++ > .../image/etc/vm-sysupdate.d/50-verity.transfer | 18 +++ > .../image/etc/vm-sysupdate.d/60-root.transfer | 18 +++ > .../image/etc/vm-sysupdate.d/70-kernel.transfer | 18 +++ > host/rootfs/image/usr/bin/spectrum-update | 83 +++++++++++++ > host/rootfs/os-release.in | 15 +++ > host/rootfs/shell.nix | 2 + > img/app/Makefile | 2 +- > lib/config.default.nix | 4 + > lib/config.nix | 15 ++- > lib/fake-update-signing-key.gpg | 3 + > release.nix | 2 + > release/checks/integration/meson.build | 2 +- > release/checks/integration/try.c | 29 ----- > release/combined/eosimages.nix | 19 ++- > release/combined/grub.cfg.in | 5 - > release/live/Makefile | 15 ++- > release/live/default.nix | 5 +- > release/live/shell.nix | 3 +- > release/update.nix | 33 +++++ > scripts/format-uuid.awk | 35 ++++++ > scripts/format-uuid.sh | 19 --- > scripts/make-gpt.sh | 30 ++--- > tools/default.nix | 1 + > tools/meson.build | 4 + > tools/updates-dir-check.c | 134 +++++++++++++++= ++++++ > vm/app/systemd-sysupdate/default.nix | 57 +++++++++ > vm/app/systemd-sysupdate/escape-url.awk | 31 +++++ > .../systemd-sysupdate/populate-transfer-directory | 26 ++++ > vm/sys/net/Makefile | 2 +- > 47 files changed, 928 insertions(+), 174 deletions(-) > --- > base-commit: e89924f5613539e4dcd9d485a82f976c817b34c1 > change-id: 20250928-updates-92e99849e231 > prerequisite-patch-id: c518b0e42e0c87755ef725ace8e961cdfb862285 > prerequisite-patch-id: 0ed2b2073c0ab6d422aa642fd238b15428c6f7d1 I'm finding this series quite difficult to review, because information I need to review isn't presented when I need it; I have to go and find it. "scripts: port make-gpt.sh to bash" doesn't include its motivation. I assume that's coming later, but now I have to go through potentially 9 more patches to find out what that is, and keep this patch in my head to make sure I remember to go back to it once I find out what that is. In "scripts/make-gpt.sh: Allow specifying partition size" I see bash features being used to strip a "MiB" suffix off the end of a size, so maybe that's it? But I already asked why we need to do that in my review of v2[1], and didn't get a response, so I'm still in the dark=E2=80= =A6 As I'm going through these patches, I'm encountering a lot of merge conflicts. Usually when I'm reviewing a series I apply it on top of its base commit so I don't have to worry about conflicts =E2=80=94 they're a lot easier to fix all at once in a rebase once I've reviewed all the patches and am immediately familiar with what they do =E2=80=94 but the base commit= in this series does not exist in the upstream repository, so I can't do that. After solving enough conflicts I realise that it must be because this series depends on your other one to separate out verity data, which I now recall you saying would be needed for updates, so I'll go and review that one now, and then come back here when I'm done. All this is just to say that as a patch submitter, there's a lot that can be done relatively cheaply to save a lot of inference on the part of the reviewer. It might be helpful to go through your cover letter and patches one by one in order before submission, and imagine being a reviewer who has not read the whole series in its current version, and has probably forgotten the intricacies of previous versions =E2=80=94 what information will help them understand what's happening? If I could just review patches one by one without having to jump back and forth, I think it could go so much faster. I'd be able to stop between any two patches as well, so I wouldn't need to wait until I have enough uninterrupted time to go through the whole thing at once. Like this it's a bit of a slog, because I'm spending a lot of time trying to remember or even guess what's going on, rather than being told. [1]: https://spectrum-os.org/lists/archives/spectrum-devel/87ikfdapmx.fsf@a= lyssa.is --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQQGoGac7QfI+H5ZtFCZddwkt31pFQUCaSWfbgAKCRCZddwkt31p FbKkAQDRC/T+uDU7sH5Imx9BJMHZyfrgZI9NlC7Ay085+X9pLwD+OLb3WW1xLLSz o9iMGec0NcWi+BndU9TkpKKvm9cwCQI= =x8If -----END PGP SIGNATURE----- --=-=-=--