prepare-root: Don't parse target root when composefs enabled

We shouldn't load anything from the target root filesystem *before* verifying its integrity if composefs is enabled. In effect, we want to force composefs users to migrate to `/usr/lib/ostree/prepare-root.conf` which lives in the initramfs. (But because we enable sysroot.readonly=true if composefs is enabled too, they don't actually need to)
ostreedev · Jul 24, 2023 · 93a4fcc · 93a4fcc
1 parent 562bfbc
commit 93a4fcc
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c
@@ -371,8 +371,10 @@ main (int argc, char *argv[])
   /* Fall back to querying the repository configuration in the target disk.
    * This is an operating system builder choice.  More info:
    * https://github.com/ostreedev/ostree/pull/1767
+   * However, we only do this if composefs is not enabled, because we don't
+   * want to parse the target root filesystem before verifying its integrity.
    */
-  if (!sysroot_readonly)
+  if (!sysroot_readonly && composefs_config->enabled != OT_TRISTATE_YES)
     {
       sysroot_readonly = sysroot_is_configured_ro (root_arg);
       // Encourage porting to the new config file