- Stop can now succeed when metadata is stale but runtime indicates running\n- Only uses .running PID fallback for namespace/mock; avoids OCI PID misuse\n- Preserves non-Running states (e.g. Frozen) after stopping\n- Adds integration tests for stale metadata and Frozen stop
- Stop now takes the store lock like other mutating commands\n- Wrap enter/exec/stop errors with env input and resolved id context\n- Enter/exec now return a clearer error when the env is already running or not built
- Guard WAL recovery and stale .running cleanup behind a try-acquired store lock\n- Persist rollback ResetState via MetadataStore to recompute checksums\n- Track a killable host PID for namespace enter/stop and treat SIGTERM/SIGKILL as clean exit\n- Derive OCI status PID via runtime state output\n- Make sandbox chroot script quoting robust for exec/enter
Refactor build and rebuild command handlers to pass BuildOptions instead
of multiple boolean flags, satisfying clippy's excessive-bools and
too-many-arguments lints.
Apply rustfmt output in CLI and core engine code.
Introduce BuildOptions to parameterize build and rebuild.
Add build_with_options/rebuild_with_options to support locked, offline, and
require-pinned-image modes. Locked mode verifies an existing lock file and
fails on drift. Offline mode fails fast when system packages are requested.
Also re-export BuildOptions from karapace-core.
- Run cargo fmt on skip_if_root() blocks
- Add skip_if_root() to migrate_atomic_version_unchanged_on_write_failure
- Add libc dev-dependency to karapace-store for root check
- Remove explicit shell: sh from container rustup steps (OCI exec
can't find sh in PATH; default run shell works)
- Add skip_if_root() to 8 permission-based tests (root bypasses
filesystem permissions in Docker containers)
- Replace dtolnay/rust-toolchain with manual rustup install via sh
for container-based jobs (opensuse lacks bash, which the composite
action requires)
- Keep dtolnay/rust-toolchain for non-container ubuntu jobs
