bootc-dev/bootc v1.16.0

Release v1.16.0

on GitHub

bootc 1.16.0

Release cadence change

Starting with this release, bootc switches to a weekly release cadence. Patch version bumps will be the default; the minor version will be reserved for releases with notable features. See #2225.

New features

• composefs: Transient /etc, transient root, and volatile /var — bootc now properly supports running with a transient (overlayfs) /etc, a transient root, and documents the systemd.volatile=state path for volatile /var. This is particularly useful for sealed/immutable image configurations. (#2201)

• Unified storage update — The composefs manifest is now a GC root, replacing the legacy .imginfo sidecar files. The chain is now: bootloader entry → deployment → origin file → manifest digest → manifest → objects. Old .imginfo-based systems are still supported for backward compatibility. (#2044). This is part of heading towards declaring the composefs fully stable - a lot more to come!

• BOOTC_EXP_EXTERNAL_CONTAINER_TOOL env override — A new experimental environment variable allows substituting an alternative binary in place of both podman and skopeo, useful for downstream projects shipping a single unified container tool. (#2192)

• ostree-ext: Reuse prior packing layout with exclusive components — When exclusive components have already been split into dedicated layers, the prior-build packing layout is now reused, improving layer stability across rebuilds. (#2109)

Notable bugfixes

• Fix orphaned /etc/shadow and /etc/gshadow entries before sysusers — Adds a generator that detects and removes shadow file entries left behind during the migration from nss-altfiles to systemd-sysusers, preventing fatal boot errors. (#2207)

• install: Don't fsfreeze VFAT — bootc install to-filesystem no longer attempts to freeze VFAT filesystems (e.g. the ESP mounted at /boot), which do not support FIFREEZE/FITHAW. (#2196)

• bootloader: Fix systemd-boot installs — Several issues with systemd-boot-based installs are resolved: bootctl now runs with --generic-image to avoid touching EFI variables, temporary writes that require a writable /etc are redirected, and SYSTEMD_RELAX_ESP_CHECKS=1 is set to avoid unnecessary udev lookups. (#2191)

• composefs GC: Clean up bootloader binaries on finalize — After atomically swapping staged bootloader entries, GC now runs for BLS/UKI binaries no longer referenced by any entry. The composefs object repository is pruned on the next update/switch. (#2206)

• Rollback fixes — Staged deployments are now removed on rollback (matching ostree behavior), and bootloader entry sorting for composefs is now correct for both systemd-boot (by sort-key) and GRUB (by filename). (#2213)

• bootloader: Run bootupctl via chroot instead of bwrap — Avoids issues in environments where bwrap is unavailable or restricted. (#2210)

• blockdev: Restore multipath partition number fallback — Fixes partition number detection from device path for multipath devices. (#2219)

What's Changed

• Add meetings directory with instructions to find meetings and notes by @mohan-shash in #2181
• Use --replacepkgs when installing local builds by @jeckersb in #2180
• ci: Hard require that generated code is updated in CI by @cgwalters in #2183
• Include meetings info by @mohan-shash in #2182
• Update composefs, unified storage by @cgwalters in #2044
• ci: Split up network fetches and retry with Justfile targets by @cgwalters in #2187
• Fix two external issues breaking cfs on latest f44+ by @cgwalters in #2195
• deps: Update containers-image-proxy to 0.10.0 by @jeckersb in #2188
• install: don't fsfreeze VFAT by @supakeen in #2196
• ci: Fix kernel downgrade to let scriptlets run with TMPDIR=/var/tmp by @cgwalters in #2198
• fix(deps): update rust by @bootc-bot[bot] in #2139
• Clean up docs warnings and add CI gate by @jeckersb in #2189
• Remove bootupd copr install by @jeckersb in #2199
• Sync common files from infra repository by @bootc-bot[bot] in #2193
• fix(deps): update rust by @bootc-bot[bot] in #2202
• bootloader: Fix a few things related to systemd-boot installs by @cgwalters in #2191
• composefs: Support transient /etc, transient root, and volatile /var by @cgwalters in #2201
• utils: add BOOTC_EXP_EXTERNAL_CONTAINER_TOOL env override by @ericcurtin in #2192
• Composefs GC changes by @Johan-Liebert1 in #2206
• bootloader: Run bootupctl via chroot instead of bwrap by @cdellacqua in #2210
• ostree-ext: reuse prior packing with exclusive components by @officialasishkumar in #2109
• generator: Fix orphaned /etc/shadow and /etc/gshadow entries before sysusers by @cgwalters in #2207
• Minor fixes by @Johan-Liebert1 in #2214
• project: Use ImageReference from containers_image_proxy by @Johan-Liebert1 in #2204
• docs: Flesh out some unified storage docs/code a bit by @cgwalters in #2216
• deps: Bump bcvk-qemu to e953294 by @jeckersb in #2217
• Bump Composefs-rs, use buffered UKI readers by @Johan-Liebert1 in #2215
• fix(deps): update rust by @bootc-bot[bot] in #2211
• blockdev: Restore multipath partition number fallback from device path by @ckyrouac in #2219
• xtask: Use insecure firmware for all non-sealed VM tests by @jmarrero in #2235
• docs: Replace bootc-dev.github.io with bootc.dev by @jeckersb in #2234
• MAINTAINERS: Add Mark Russell. by @jmarrero in #2222
• Switch over to weekly releases by default by @cgwalters in #2225
• Rollback Fixes by @Johan-Liebert1 in #2213
• Release 1.16.0 by @bootc-bot[bot] in #2242

New Contributors

• @supakeen made their first contribution in #2196
• @cdellacqua made their first contribution in #2210
• @officialasishkumar made their first contribution in #2109

Full Changelog: v1.15.2...v1.16.0

New Contributors

• @supakeen made their first contribution in #2196
• @cdellacqua made their first contribution in #2210
• @officialasishkumar made their first contribution in #2109

Full Changelog: v1.15.2...v1.16.0

Assets

• bootc-1.16.0-vendor.tar.zstd - Vendored dependencies archive
• bootc-1.16.0.tar.zstd - Source archive