ostree: move admindir to /etc/alternatives.admindir

[vrothberg]

ostree container commit wipes /var and thereby erases the data in /var/lib/alternatives; the directory used to store configs/symlinks of alternatives.

/var is not a good place for storing such configs since it won't receive updates on bootc images either. We need to move to another location.

Hence, use /etc/alternatives.admindir when running on an ostree-based system unless /var/lib/alternatives is already present; a user may have worked around the problem. This way we enable alternatives to work on ostree-based systems without breaking backwards compat.

Fixes: #9

[vrothberg]

Dockerfile to test:

FROM quay.io/fedora/fedora-bootc:40
COPY alternatives /usr/sbin/alternatives
RUN dnf -y install golang
RUN ls /etc/alternatives.admindir
RUN go help > /dev/null

[travier]

I still think it would be better to do a migration as that would fix things for all systems once instead of us having to write migration scripts and ship them in Fedora CoreOS, Fedora Atomic Desktops, Fedora IoT, etc.

But this LGTM, although I've not tested it.

[vrothberg]

I still think it would be better to do a migration as that would fix things for all systems once instead of us having to write migration scripts and ship them in Fedora CoreOS, Fedora Atomic Desktops, Fedora IoT, etc.

I am not opposed to the migration proposal. @cgwalters WDYT?

[cgwalters]

I definitely like the idea of the migration too, avoiding any drift between image and package mode - the migration would also work more nicely for non-ostree image based systems too.

Though of course, a notable complexity here is that such a migration would need to be a systemd unit - it couldn't be done in %post for image based systems (though it could on package based ones).

[vrothberg]

Dockerfile for testing ostree container:

FROM quay.io/fedora/fedora-bootc:40
COPY alternatives /usr/sbin/alternatives
RUN dnf -y install golang
RUN ls /etc/alternatives /etc/alternatives.admindir
RUN go help > /dev/null

Dockerfile to make sure that the admindir gets created even on package mode:

FROM fedora:40
COPY alternatives /usr/sbin/alternatives
RUN rm -rf /var/lib/alternatives
RUN dnf -y install golang
RUN ls /etc/alternatives /var/lib/alternatives
RUN go help > /dev/null

To test the systemd service, build the Dockerfule, run a detached container and podman-exec into it:

FROM quay.io/fedora/fedora-bootc:40
COPY ./systemd/alternatives-migration.service /usr/lib/systemd/system/
COPY alternatives-migration /usr/libexec/

[lnykryn]

Honestly, I don't like the idea of moving those files on existing systems. It feels really fragile. If we want to move the db elsewhere, it should be done only on new installations and support reading from both directories.

[vrothberg]

Honestly, I don't like the idea of moving those files on existing systems. It feels really fragile. If we want to move the db elsewhere, it should be done only on new installations and support reading from both directories.

I am happy to remove the migration part if you wish. We decided against moving the DB on new installations as it may break existing users. Let's say one machine upgrades to RHEL X.Y and another would does a fresh install, the paths would differ. We also wanted to make sure that users depending on /var/lib/alternatives (for whatever reason) are not impacted.

[vrothberg]

@travier @cgwalters can you chime in?

[cgwalters]

I think as far as a migration it seems doable across a RHEL major (and a fedora major)...the chance for breakage if we did it seems pretty low.

A migration would clearly be useful to be configurable - i.e. we can land the code, have it off by default and opt-in to start). So here's my proposal

• Add a mechanism to opt-in to the new location (env ALTERNATIVES_STATEDIR=/etc/alternatives.admindir or just ALTERNATIVES_STATEDIR_NEW=1? Or maybe again mkdir /etc/alternatives.admindir before installing)
• Change the code so that the new admindir, even if configured on is only used if the old /var path is nonexistent/inactive
• The migration code would be a separate opt-in (build-time option seems viable, then we can flip that on in just rhel10 and fedora 42's spec files and/or start by doing just the migration in e.g. fedora-bootc/FCOS/etc. to start)

[vrothberg]

I think as far as a migration it seems doable across a RHEL major (and a fedora major)...the chance for breakage if we did it seems pretty low.

A migration would clearly be useful to be configurable - i.e. we can land the code, have it off by default and opt-in to start). So here's my proposal

* Add a mechanism to opt-in to the new location (`env ALTERNATIVES_STATEDIR=/etc/alternatives.admindir` or just `ALTERNATIVES_STATEDIR_NEW=1`? Or maybe again `mkdir /etc/alternatives.admindir` before installing)

The latter would be my preference.

* Change the code so that the new admindir, even if configured on is only used if the old `/var` path is nonexistent/inactive

That would be doable. The code still prefers /var if it exists..

* The migration code would be a separate opt-in (build-time option seems viable, then we can flip that on in just rhel10 and fedora 42's spec files _and/or_ start by doing just the migration in e.g. fedora-bootc/FCOS/etc. to start)

I think it could be opt-in by default by just shipping the system service but not enabling it. So fedora-bootc etc. can enable it if desired.

But I personally was already happy with the previous PR who just did its magic on OSTree systems. If we want to add more to it, let's dicuss and agree on the behavior. I don't want to burn too much time.

[cgwalters]

Yeah, I hear you. I'm OK keeping this migration code around in a draft PR, and then we can continue to do the super targeted change?

But...I think the messy thing though is these are kind of entangled...if we change this code to detect /run/ostree-booted, in theory it could break non-bootc ostree systems where the user legitimately configured alternatives locally?

[vrothberg]

Yeah, I hear you. I'm OK keeping this migration code around in a draft PR, and then we can continue to do the super targeted change?

Moved the current state into https://github.com/fedora-sysv/chkconfig/pull/139.

But...I think the messy thing though is these are kind of entangled...if we change this code to detect /run/ostree-booted, in theory it could break non-bootc ostree systems where the user legitimately configured alternatives locally?

Can you elaborate? The code will only use /etc/alternatives.admindir if /var/lib/alternatives doesn't exist, we are running on an OSTree host. It won't switch if the --admindir flag is used.

[vrothberg]

Good to go from my end. @cgwalters @travier @lnykryn @ldv-alt WDYT?

Heads up: I'll be on PTO next week.

[travier]

Not tested but LGTM. My position is still https://github.com/fedora-sysv/chkconfig/pull/135#issuecomment-225563356 & https://github.com/fedora-sysv/chkconfig/pull/134#issuecomment-2250206385. Might be good to make it a change request for Fedora 42.

[lnykryn]

I am OK with the concept. However, I still want to debug what is going on with https://github.com/fedora-sysv/chkconfig/pull/135/commits/6d6b96f770bcae40e3159e4062abb40446c7e1a6, and some small bits in the code bother me. But to save everyone's time I can just force-push that here.

[vrothberg]

I am OK with the concept. However, I still want to debug what is going on with 6d6b96f, and some small bits in the code bother me. But to save everyone's time I can just force-push that here.

Sounds great, thanks! Feel free to take over this PR.

[vrothberg]

Thanks! Do we need to cut a new upstream release to get the changes into Fedora/RHEL?

[lnykryn]

@jamacku already did that https://github.com/fedora-sysv/chkconfig/commit/81cda82ee74c97efd0e879b340e3daeeed10654f