From: Luca Boccassi Date: Fri, 23 Jul 2021 13:45:38 +0000 (+0100) Subject: man: further document extension-release X-Git-Tag: v250-rc1~819^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9c8b6eaa468ec3706e789894d1ddec1e568cbcf0;p=thirdparty%2Fsystemd.git man: further document extension-release --- diff --git a/man/os-release.xml b/man/os-release.xml index a7c60183aef..6be96cf8bc7 100644 --- a/man/os-release.xml +++ b/man/os-release.xml @@ -17,6 +17,7 @@ os-release initrd-release + extension-release Operating system identification @@ -24,6 +25,7 @@ /etc/os-release /usr/lib/os-release /etc/initrd-release + /usr/lib/extension-release.d/extension-release.IMAGE @@ -94,6 +96,28 @@ above) work correctly. The rest of this document that talks about os-release should be understood to apply to initrd-release too. + + + <filename>/usr/lib/extension-release.d/extension-release.<replaceable>IMAGE</replaceable></filename> + + /usr/lib/extension-release.d/extension-release.IMAGE + for extension images plays the same role as os-release in the main system, and follows the + same syntax and rules as described in the Portable Services Documentation. + The purpose of this file is to allow the operating system to correctly match an extension image + to a base OS image, This is typically implemented by first checking that the ID= + options match, and if they do either SYSEXT_LEVEL= has to match too (preferred), or + as a fallback if that is not present VERSION_ID= is checked. This ensures that ABI/API + between the layers matches and no incompatible images are merged in an overlay. + It is preferred that the extension-release.IMAGE filename is suffixed + with the exact file name of the image that contains it, so that all such files in every layer of an overlay are visible. + But for the purpose of parsing metadata, in case it is not possible to guarantee that an image file name is stable + and doesn't change between the build and the deployment phases, the first and only file which name starts with + extension-release., is located in the same directory and is tagged with a + user.extension-release.strict xattr7 + set to the string 0, will be parsed instead, if the one with the expected name cannot be found. + The rest of this document that talks about os-release should be understood to apply to + extension-release too. + @@ -373,7 +397,8 @@ A lower-case string (mostly numeric, no spaces or other characters outside of 0–9, a–z, ".", "_" and "-") identifying the operating system extensions support level, to indicate which - extension images are supported. See + extension images are supported. See /usr/lib/extension-release.d/extension-release.IMAGE, + initrd and systemd-sysext8) for more information. @@ -436,6 +461,13 @@ VARIANT="Workstation Edition" VARIANT_ID=workstation + + <filename>extension-release</filename> file for an extension for Fedora Workstation 32 + + ID=fedora +VERSION_ID=32 + + Reading <filename>os-release</filename> in <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry> diff --git a/man/portablectl.xml b/man/portablectl.xml index d798219d459..c5404db0bae 100644 --- a/man/portablectl.xml +++ b/man/portablectl.xml @@ -359,7 +359,11 @@ top of IMAGE when attaching/detaching. This argument can be specified multiple times, in which case the order in which images are laid down follows the rules specified in systemd.exec5 - for the ExtensionImages= directive. + for the ExtensionImages= directive. The image(s) must contain an + extension-release file with metadata that matches what is defined in the + os-release of IMAGE. See: + os-release5. + Note that the same extensions have to be specified, in the same order, when attaching and detaching. diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 008cbe9af1d..eadfc024213 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -428,6 +428,11 @@ paths. If the empty string is assigned, the entire list of mount paths defined prior to this is reset. + Each image must carry a /usr/lib/extension-release.d/extension-release.IMAGE + file, with the appropriate metadata which matches RootImage=/RootDirectory= + or the host. See: + os-release5. + When DevicePolicy= is set to closed or strict, or set to auto and DeviceAllow= is set, then this setting adds /dev/loop-control with rw mode,