portable: add --copy=mixed to copy images and link profiles

This new mode copies resources provided by the client, so that they remain available for inspect/detach even if the original images are deleted, but symlinks the profile as that is owned by the OS, so that updates are automatically applied.
author: Luca Boccassi <bluca@debian.org> 2024-02-07 01:36:39 +0100
committer: Luca Boccassi <luca.boccassi@gmail.com> 2024-02-08 22:11:26 +0100
commit: 82047a6aa7230031d2a579e81d5f8871c23e0616 (patch)
tree: db8fbbc83232c2a7e0ad640e74d13aee4ada0833 /man
parent: man: mention that preset-all is performed during early boot (diff)
download: systemd-82047a6aa7230031d2a579e81d5f8871c23e0616.tar.xz
systemd-82047a6aa7230031d2a579e81d5f8871c23e0616.zip
2 files changed, 20 insertions, 11 deletions
diff --git a/man/org.freedesktop.portable1.xml b/man/org.freedesktop.portable1.xml
index a41da4f5c3..9b49c610d5 100644
--- a/man/org.freedesktop.portable1.xml
+++ b/man/org.freedesktop.portable1.xml
@@ -229,16 +229,23 @@ node /org/freedesktop/portable1 {
       for the current boot session, and a string representing the preferred copy mode
       (whether to copy the image or to just symlink it) with the following possible values:
       <itemizedlist>
-        <listitem><para>(null)</para></listitem>
+        <listitem><para>(empty)</para></listitem>
 
         <listitem><para>copy</para></listitem>
 
         <listitem><para>symlink</para></listitem>
+
+        <listitem><para>mixed</para></listitem>
       </itemizedlist>
-      This method returns the list of changes applied to the system (for example, which unit was
-      added and is now available as a system service). Each change is represented as a triplet of
-      strings: the type of change applied, the path on which it was applied, and the source
-      (if any). The type of change applied will be one of the following possible values:
+      If an empty string is passed the security profile drop-ins and images will be symlinked while unit
+      files will be copied, <varname>copy</varname> will copy, <varname>symlink</varname> will prefer
+      linking if possible (e.g.: a unit has to be copied out of an image), and <varname>mixed</varname> will
+      prefer linking the resources owned by the OS (e.g.: the portable profile located within the host's
+      /usr/ tree) but will copy the resources owned by the portable image (e.g.: the unit files and the
+      images). This method returns the list of changes applied to the system (for example, which unit was
+      added and is now available as a system service). Each change is represented as a triplet of strings:
+      the type of change applied, the path on which it was applied, and the source (if any). The type of
+      change applied will be one of the following possible values:
       <itemizedlist>
         <listitem><para>copy</para></listitem>
 
diff --git a/man/portablectl.xml b/man/portablectl.xml
index d0d00cf5d2..d241893d4d 100644
--- a/man/portablectl.xml
+++ b/man/portablectl.xml
@@ -321,12 +321,14 @@
       <varlistentry>
         <term><option>--copy=</option></term>
 
-        <listitem><para>When attaching an image, select whether to prefer copying or symlinking of files installed into
-        the host system. Takes one of <literal>copy</literal> (to prefer copying of files), <literal>symlink</literal>
-        (to prefer creation of symbolic links) or <literal>auto</literal> for an intermediary mode where security
-        profile drop-ins are symlinked while unit files are copied. Note that this option expresses a preference only,
-        in cases where symbolic links cannot be created — for example when the image operated on is a raw disk image,
-        and hence not directly referentiable from the host file system — copying of files is used
+        <listitem><para>When attaching an image, select whether to prefer copying or symlinking of files
+        installed into the host system. Takes one of <literal>copy</literal> (files will be copied),
+        <literal>symlink</literal> (to prefer creation of symbolic links), <literal>auto</literal> for an
+        intermediary mode where security profile drop-ins and images are symlinked while unit files are
+        copied, or <literal>mixed</literal> (since v256) where security profile drop-ins are symlinked while
+        unit files and images are copied. Note that this option expresses a preference only, in cases where
+        symbolic links cannot be created — for example when the image operated on is a raw disk image, and
+        hence not directly referentiable from the host file system — copying of files is used
         unconditionally.</para>
 
         <xi:include href="version-info.xml" xpointer="v239"/></listitem>
author	Luca Boccassi <bluca@debian.org>	2024-02-07 01:36:39 +0100
committer	Luca Boccassi <luca.boccassi@gmail.com>	2024-02-08 22:11:26 +0100
commit	82047a6aa7230031d2a579e81d5f8871c23e0616 (patch)
tree	db8fbbc83232c2a7e0ad640e74d13aee4ada0833 /man
parent	man: mention that preset-all is performed during early boot (diff)
download	systemd-82047a6aa7230031d2a579e81d5f8871c23e0616.tar.xz systemd-82047a6aa7230031d2a579e81d5f8871c23e0616.zip