Developers GNOME OSan experimental distribution for GNOME developers and testers to evaluate the state of development of the desktop environment, get acquainted with emerging new features and test the performance of their applications in the development branches of GNOME, announced about the transition to using the component systemd-sysupdate to organize an atomic system update. The purpose of the change is the desire to adapt the nightly builds of GNOME OS to conduct daily quality control of GNOME development.
Currently, the OSTree system is used to create and update the filling of the GNOME OS root partition, using which the system image is atomically updated from a Git-like repository. The system partition is mounted in read-only mode, and updates are delivered in the form of small portions containing changes relative to the previous state (delta updates), which, for example, during the GNOME testing process, makes it possible, if necessary, to easily roll back the system to one of the previous versions and check whether the identified error appears in it.
Advertisement
The systemd-sysupdate toolkit ships with systemd 251 and is designed to automatically detect, download, and install updates using an atomic partition, file, or directory replacement mechanism. Systemd-sysupdate allows you to use two independent partitions/files/directories, one of which contains the current running resource, and the other installs the next update, after which the partitions/files/directories are swapped.
One of the advantages of switching GNOME OS from OSTree to systemd-sysupdate is the ability to use a verified boot process, in which a chain of trust extends from the bootloader to the system components of the distribution. In addition, using systemd-sysupdate will allow for more complete integration with systemd and enable an architecture that manipulates pre-built system images as indivisible components.
Experiments on creating sysupdate images with UEFI Secure Boot support were carried out back in the fall of last year. In fact, two versions of GNOME OS builds are already available, based on OSTree and systemd-sysupdate. It remains to ensure that sysupdate is integrated with GNOME and provides a graphical interface for updating the system.
Currently, sysupdate-based updates can only be managed from the command line and require root privileges. For integration with GNOME, the D-Bus service has already been developed, which, in combination with Polkit, allows you to manage updates under an unprivileged user. The developed D-Bus service and the associated updatectl utility are intended to turn on into the main body of systemd.
Advertisement
In the future, we plan to add sysupdate-based update management functionality to the GNOME Software application, for which prepared experimental plugin gs-plugin-systemd-sysupdate, which implements the ability to update the OS via the DBus service to sysupdate. Among the still unsolved problems, the need to add support for delta updates to systemd-sysupdate (currently images are loaded only in their entirety) and the creation of tools for simultaneously maintaining several versions of the operating system based on the stable and in development branches of GNOME.
Thanks for reading: