1102422 to 9616f7d
Code Review
This pull request introduces a new `bootc container export --format=tar` command, a significant feature for creating bootable tar archives from container filesystems. However, the implementation has critical security issues related to symlink handling and metadata preservation. Specifically, the use of symlink-following metadata calls and ambient directory handles could lead to information disclosure of host files if a malicious container image is exported. Additionally, directory metadata is not correctly preserved, resulting in incorrect permissions in the exported archive. Beyond these security concerns, there are also suggestions to improve performance by avoiding unnecessary memory allocations when adding SELinux attributes in `container_export.rs` and to refactor duplicated code in the kernel relocation logic for better maintainability.
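The symlink-following concern raised in this review, shown as an added example (not code from this pull request or from bootc): `Entry`, `classify_following`, `classify_nofollow` and the temporary directory layout are hypothetical names constructed for illustration. It contrasts Rust's `fs::metadata`, which follows links, with `fs::symlink_metadata`, which does not, on a link that points outside the exported tree.

```rust
use std::fs;
use std::io;
use std::os::unix::fs::symlink;
use std::path::{Path, PathBuf};

/// Hypothetical record of what an exporter would write for one path.
#[derive(Debug, PartialEq)]
enum Entry { File { len: u64 }, Dir, Symlink { target: PathBuf }, Other }

/// Following variant: fs::metadata() is stat(), so a link shipped in the
/// image is reported as whatever it resolves to on the exporting host.
fn classify_following(p: &Path) -> io::Result<Entry> {
    let m = fs::metadata(p)?;
    Ok(if m.is_dir() { Entry::Dir }
       else if m.is_file() { Entry::File { len: m.len() } }
       else { Entry::Other })
}

/// Non-following variant: fs::symlink_metadata() is lstat(), so the link is
/// recorded as a link (target string only) and the target is never examined.
fn classify_nofollow(p: &Path) -> io::Result<Entry> {
    let m = fs::symlink_metadata(p)?;
    let t = m.file_type();
    Ok(if t.is_symlink() { Entry::Symlink { target: fs::read_link(p)? } }
       else if t.is_dir() { Entry::Dir }
       else if t.is_file() { Entry::File { len: m.len() } }
       else { Entry::Other })
}

/// Constructed fixture: <tmp>/host/secret lies outside <tmp>/rootfs, and
/// rootfs/link -> ../host/secret. Classifies the link both ways.
fn demo() -> io::Result<(Entry, Entry)> {
    let base = std::env::temp_dir().join(format!("export-demo-{}", std::process::id()));
    let _ = fs::remove_dir_all(&base);
    fs::create_dir_all(base.join("host"))?;
    fs::create_dir_all(base.join("rootfs"))?;
    fs::write(base.join("host/secret"), b"host-only data")?;
    let link = base.join("rootfs/link");
    symlink("../host/secret", &link)?;
    let out = (classify_following(&link)?, classify_nofollow(&link)?);
    fs::remove_dir_all(&base)?;
    Ok(out)
}

fn main() -> io::Result<()> {
    let (followed, nofollow) = demo()?;
    println!("following: {:?}\nno-follow: {:?}", followed, nofollow);
    Ok(())
}
```

The example covers only the metadata call; the review's second point, about ambient directory handles, is not addressed by it.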
9616f7d to e01d90d
bec071b to 46b0bac
Some people want to use container build tools, but for compatibility with older systems export a tar format of the OS state e.g. Anaconda liveimg expects this.

Basically this is only *slightly* more than just `tar cf`; we need to handle SELinux labeling and move the kernel.

Ref: #1957
Assisted-by: OpenCode (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>
Add 'cargo xtask anaconda' command that validates bootc containers can
be installed via Anaconda's liveimg kickstart directive. This is an
end-to-end integration test that:
- Exports a bootc container to tar format using 'bootc container export'
- Downloads and caches Anaconda installer ISOs (CentOS Stream 10, Fedora)
- Generates kickstart files with liveimg --url=file:// directive
- Uses virtiofs to share the tar with the VM (avoids HTTP server complexity)
- Boots VM in UEFI mode with proper BLS boot entry generation
- Monitors installation via Anaconda's virtio serial progress channel
- Verifies installation using bcvk (disk inspection) and optionally SSH
The test handles several tricky aspects of bootc + Anaconda integration:
1. BLS entry generation: bootc tar exports don't include Boot Loader
   Specification entries (they need root partition UUID). We generate
   these in the kickstart %post script.
2. SSH in chroot: The %post script runs in a chroot where services
   can't be started, only enabled. We configure sshd to start on
   first boot rather than trying to start it during installation.
3. Bootloader installation: Uses bootupctl to install the bootloader
   in the Anaconda %post environment.
Usage:
  cargo xtask anaconda [--ssh] [--installer-type=centos-stream-10] \
    <container-image> <output-disk>
Assisted-by: OpenCode (Claude Sonnet 4)
483adcd to 69b953c
This adds `bootc container export` which is designed for compatibility with the Anaconda "liveimg" verb:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/automatically_installing_rhel/kickstart-commands-and-options-reference_rhel-installer#liveimg_kickstart-commands-for-installation-program-configuration-and-flow-control
Fixes #1957
Assisted-by: OpenCode (Sonnet 4.5)
Signed-off-by: Colin Walters <walters@verbum.org>