compose: Drop rpmdb sqlite journaling files if rpmdb-normalize

See rpm-software-management/rpm#2219 This is one of the things that makes builds unreproducible in general, which is worth fixing alone. But the thing immediately driving this now for me is that I think we're getting some ill-defined behavior because we may have these files hardlinked (via ostree) and depending on the container build environment, we may or may not see modifications "through" the hardlink: https://docs.kernel.org/filesystems/overlayfs.html#index If we happen to mutate the `rpmdb.sqlite-shm` file in one path but not the other confusion could easily result. (Actually what we want to do really is drop our other hardlinked copies of the rpmdb entirely, but that's a bigger change) Out of conservatism for now, we only do this if `rpmdb-normalize` is set (which none of the Fedora derivatives set today AFAICS). I do think we should likely do this in client side layering too, but this reduces the blast radius for now. I plan to enable this in fedora-bootc. Signed-off-by: Colin Walters <walters@verbum.org>
coreos · Jan 23, 2025 · 7b0f07f · 7b0f07f
1 parent 57e8e42
commit 7b0f07f
Show file tree

Hide file tree

Showing 5 changed files with 94 additions and 1 deletion.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -79,6 +79,7 @@ phf = { version = "0.11", features = ["macros"] }
 rand = "0.8.5"
 rayon = "1.10.0"
 regex = "1.10"
+rusqlite = "0.32.1"
 reqwest = { version = "0.12", features = ["native-tls", "blocking", "gzip"] }
 rpmostree-client = { path = "rust/rpmostree-client", version = "0.1.0" }
 rust-ini = "0.21.1"

diff --git a/rust/src/normalization.rs b/rust/src/normalization.rs
@@ -7,13 +7,14 @@
 
 use crate::bwrap::Bubblewrap;
 use crate::nameservice::shadow::parse_shadow_content;
-use anyhow::{anyhow, Result};
+use anyhow::{anyhow, Context, Result};
 use cap_std::fs::OpenOptionsExt;
 use cap_std::fs::{Dir, OpenOptions};
 use cap_std_ext::cap_std;
 use fn_error_context::context;
 use ostree_ext::gio;
 use std::io::{BufReader, Read, Seek, SeekFrom, Write};
+use std::os::fd::{AsFd, AsRawFd};
 use std::path::Path;
 
 pub(crate) fn source_date_epoch() -> Option<i64> {
@@ -129,6 +130,27 @@ pub(crate) fn rewrite_rpmdb_timestamps<F: Read + Write + Seek>(rpmdb: &mut F) ->
 
 #[context("Rewriting rpmdb database files for build stability")]
 pub(crate) fn normalize_rpmdb(rootfs: &Dir, rpmdb_path: impl AsRef<Path>) -> Result<()> {
+    let rpmdb_path = rpmdb_path.as_ref();
+    {
+        // Unconditionally clean up the sqlite SHM file if it exists.
+        // https://github.com/rpm-software-management/rpm/issues/2219
+        const RPMDB_SQLITE: &str = "rpmdb.sqlite";
+        const RPMDB_SQLITE_SHM: &str = "rpmdb.sqlite-shm";
+        let subdir = rootfs.open_dir(rpmdb_path)?;
+        if subdir.try_exists(RPMDB_SQLITE_SHM)? {
+            tracing::debug!("Cleaning up {RPMDB_SQLITE_SHM}");
+            let procpath = format!(
+                "/proc/self/fd/{}/{RPMDB_SQLITE}",
+                subdir.as_fd().as_raw_fd()
+            );
+            let conn = rusqlite::Connection::open(&procpath)
+                .with_context(|| format!("Opening {RPMDB_SQLITE}"))?;
+            conn.pragma_update(None, "journal_mode", "DELETE")?;
+            conn.close().map_err(|r| r.1)?;
+        }
+    }
+
+    // If SOURCE_DATE_EPOCH isn't set then we don't attempt to rewrite the database.
     let source_date = if let Some(source_date) = source_date_epoch() {
         source_date as u32
     } else {

diff --git a/tests/compose/libbasic-test.sh b/tests/compose/libbasic-test.sh
@@ -43,6 +43,8 @@ echo "ok etc/default/useradd"
 for path in /usr/share/rpm /usr/lib/sysimage/rpm-ostree-base-db; do
     ostree --repo=${repo} ls -R ${treeref} ${path} > db.txt
     assert_file_has_content_literal db.txt rpmdb.sqlite
+    # Verify we *aren't* normalizing yet
+    assert_file_has_content_literal db.txt rpmdb.sqlite-shm
 done
 ostree --repo=${repo} ls ${treeref} /usr/lib/sysimage/rpm >/dev/null
 echo "ok db"

diff --git a/tests/compose/test-misc-tweaks.sh b/tests/compose/test-misc-tweaks.sh
@@ -50,6 +50,7 @@ cat > config/other.yaml <<'EOF'
 recommends: true
 selinux-label-version: 1
 readonly-executables: true
+rpmdb-normalize: true
 container-cmd:
   - /usr/bin/bash
 opt-usrlocal: "root"
@@ -188,6 +189,12 @@ ostree --repo=${repo} ls ${treeref} /usr/etc > out.txt
 assert_file_has_content out.txt 'etc/sharedfile'
 echo "ok remove-from-packages"
 
+# Verify rpmdb-normalize
+ostree --repo=${repo} ls -R ${treeref} /usr/share/rpm > db.txt
+assert_file_has_content_literal db.txt rpmdb.sqlite
+assert_not_file_has_content_literal db.txt rpmdb.sqlite-shm
+echo "ok db"
+
 ostree --repo=${repo} ls ${treeref} /opt > ls.txt
 assert_file_has_content ls.txt '^d0'
 ostree --repo=${repo} ls ${treeref} /usr/local > ls.txt