portable: fix --force flag combination with directory extension

The check for image type uses the wrong variable, so it's applied
when it shouldn't.

Follow-up for 06768b90a32ac0d36252ebc5f426ad471bf29fce

(cherry picked from commit d07aa23c872d13baa2816a69326eea6f9d5271a0)
(cherry picked from commit 78129d7c82f6722f7e0155938ddb91e3079faf45)
(cherry picked from commit 59b953ad3c71e66d948ff2b5d507cd6ec9949d13)

diff --git a/src/portable/portable.c b/src/portable/portable.c
index e5274699b68a72f49a8fd91f5cbcdce4a86ea74c..4f0db1c71cc951f33ec1dce1d6ca50d791955b4c 100644 (file)
--- a/src/portable/portable.c
+++ b/src/portable/portable.c
@@ -1171,7 +1171,7 @@ static int install_chroot_dropin(
                                                ext->path,
                                                /* With --force tell PID1 to avoid enforcing that the image <name> and
                                                 * extension-release.<name> have to match. */
-                                               !IN_SET(type, IMAGE_DIRECTORY, IMAGE_SUBVOLUME) &&
+                                               !IN_SET(ext->type, IMAGE_DIRECTORY, IMAGE_SUBVOLUME) &&
                                                    FLAGS_SET(flags, PORTABLE_FORCE_EXTENSION) ?
                                                        ":x-systemd.relax-extension-release-check\n" :
                                                        "\n",

diff --git a/test/units/TEST-29-PORTABLE.directory.sh b/test/units/TEST-29-PORTABLE.directory.sh
index 5458111ee201d8d2a97c8d4b15ef330f31a540b5..d67aeae548a7c1c3b9d62e1fbc0a38868a4a94a2 100755 (executable)
--- a/test/units/TEST-29-PORTABLE.directory.sh
+++ b/test/units/TEST-29-PORTABLE.directory.sh
@@ -127,6 +127,19 @@ test -L /run/systemd/system.attached/app0.service.d/10-profile.conf
 test -L /run/systemd/system.attached/app1.service.d/10-profile.conf
 portablectl detach --runtime --extension /tmp/app0 --extension /tmp/app1 /tmp/rootdir app0 app1
 
+# Ensure that --force works with directory extensions, and that ExtensionDirectories=
+# is not decorated with :x-systemd.relax-extension-release-check
+portablectl "${ARGS[@]}" attach --force --copy=symlink --now --runtime --extension /tmp/app0 /tmp/rootdir app0
+
+systemctl is-active app0.service
+status="$(portablectl is-attached --extension app0 rootdir)"
+[[ "${status}" == "running-runtime" ]]
+
+grep -q -F "ExtensionDirectories=" /run/systemd/system.attached/app0.service.d/20-portable.conf
+(! grep -q -F "x-systemd.relax-extension-release-check" /run/systemd/system.attached/app0.service.d/20-portable.conf)
+
+portablectl detach --now --runtime --extension /tmp/app0 /tmp/rootdir app0
+
 # Attempt to disable the app unit during detaching. Requires --copy=symlink to reproduce.
 # Provides coverage for https://github.com/systemd/systemd/issues/23481
 portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/rootdir minimal-app0

diff --git a/test/units/TEST-29-PORTABLE.image.sh b/test/units/TEST-29-PORTABLE.image.sh
index 376d94c28331a30bad8ddad06fd67cab2c18d443..49c3468f99f772a80b37d801dfa13d85a499e909 100755 (executable)
--- a/test/units/TEST-29-PORTABLE.image.sh
+++ b/test/units/TEST-29-PORTABLE.image.sh
@@ -182,6 +182,9 @@ systemctl is-active app0.service
 status="$(portablectl is-attached --extension /tmp/app10.raw /usr/share/minimal_0.raw)"
 [[ "${status}" == "running-runtime" ]]
 
+# Ensure --force adds relax-extension-release-check for image extensions
+grep -q -F "ExtensionImages=" /run/systemd/system.attached/app0.service.d/20-portable.conf
+
 portablectl inspect --force --cat --extension /tmp/app10.raw /usr/share/minimal_0.raw app0 | grep -q -F "Extension Release: /tmp/app10.raw"
 
 # Ensure that we can detach even when an image has been deleted already (stop the unit manually as