Description
Our default stance for bootc is to enable composefs, which requires sysroot.readonly=true, which in turn imposes other requirements/tweaks like ensuring the rootfs is mounted read-write in the initramfs with rw, etc.
It's a trap today if one is bootc switching from a system without this setup to a bootc base image that is, because we'll barf in the initramfs.
Short term, I think we can check at least before the update (and reboot) for this situation. Hmm, something we clearly should have more of but don't is static checks between the phases:
- download new rootfs
- <static checks>
- queue bootloader entry
rpm-ostree at least does a bwrap invocation of true in the new root, which has verified some things in the past.
And the composefs one is pretty easy to check; look in the new root for /usr/lib/ostree/prepare-root.conf and check if it's enabled in the new one, but the current root doesn't have sysroot.readonly.