Release of Greenboot Rust Rewrite

Summary

A rewrite of Greenboot written in Rust will be released, designed for use with bootc and rpm-ostree based systems. This Greenboot release will have the same functionality as the original Bash release, which was only intended for rpm-ostree based systems.

Owner

• Name: Sayan Paul
• Email: saypaul@redhat.com
• Name: Paul Whalen
• Email: pwhalen@redhat.com
• Name: David Jachimowicz
• Email: djachimo@redhat.com

Current status

• Targeted release: Fedora Linux 43
• Last updated: 2025-09-09
• Announced
• Discussion thread
• FESCo issue: #3459
• Tracker bug: #2394089
• Release notes tracker: #261

Detailed Description

As this release is a Rust rewrite of the Bash Greenboot version, the functionality remains the same. It is detailed as follows:

Greenboot-RS exists to provide health check and rollback functionality to bootc and rpm-ostree based systems. It allows a user to specify health checks (scripts and binaries) to run every time the system boots. These health checks can be either required or wanted, with the difference of wanted checks not needing to succeed to allow a boot. If any required checks fail the system will reboot, and may rollback to a previous, working deployment if necessary.

Greenboot consists of two packages: greenboot and greenboot-default-health-checks. The former, greenboot comprises all the core functionalities of Greenboot. This includes checking provided scripts and binaries, rebooting when required scripts or binaries fail, and rolling back to a previous deployment if the problem remains unsolved. The second package, greenboot-default-health-checks, contains a series of optional health checks curated and provided by the Greenboot maintainers.

A Greenboot execution begins on boot with greenboot-healthcheck.service, which runs before systemd's boot-complete.target. It launches /usr/libexec/greenboot/greenboot check, which runs the required.d and wanted.d scripts.

If any script in required.d fails, greenboot run the scripts in the red.d folder. Following this, a MOTD (Message of the Day) is created specifying which scripts have failed. Checks are then performed to determine if there's a need for manual intervention. If not, then the system is rebooted.

If all scripts in required.d succeed:

• boot-complete.target is reached.
• The boot_counter GRUB env variable is unset and the boot_success GRUB env variable is set to 1.
• Runs the scripts in the green.d folder. These are the scripts intended to be run after a successful update.
• A MOTD with a success message is created.

git repo:
greenboot
greenboot-rs

Feedback

Feedback from the community was positive regarding the Bash Greenboot release, and it is now included with every Fedora IoT installation. Various bugs and hiccups have been fixed as they have been found, and those changes are included within this Rust rewrite. This section will continue to be updated as more feedback is presented.

Benefit to Fedora

This release is another step towards the adoption and support of bootc systems with Fedora. Originally, the Greenboot release was written in Bash and designed for use only with rpm-ostree based systems. This change releases a new version of Greenboot, Greenboot-RS, written in Rust and designed for usage with bootc and rpm-ostree based systems. This change will allow users to utilize the advantages of a bootc system, while still having the safety and reliability of Greenboot.

Scope

• Proposal owners:
  • Update with consolidation of services, such that all Greenboot services have been collapsed into a single service.
  • Update to allow seamless bootc upgrading. i.e. Upgrading from Greenboot to Greenboot-RS using only bootc upgrade.

• Other developers: N/A

• Release engineering: #Releng issue number N/A

• Policies and guidelines: N/A (not needed for this Change)

• Trademark approval: N/A (not needed for this Change)

• Alignment with the Fedora Strategy: This change aligns with Fedora's goal of increasing contributors, as it helps further the integration of bootc and Fedora IoT.

Upgrade/compatibility impact

Current IoT users will experience a seamless transition to this new Greenboot release, using rpm-ostree upgrade to grab the new version. This new release will retain all the functionality of previous versions.

Early Testing (Optional)

N/A

Do you require 'QA Blueprint' support? No

How To Test

Once added to the Fedora IoT compose, you can test Greenboot-RS basic functionality by logging in via SSH. You should be greeted by this MOTD:

Boot Status is GREEN - Health Check SUCCESS

Ensure that the boot status and health check are both listed as above.

User Experience

Current IoT Users should notice no changes, apart from their Greenboot version iterating after rpm-ostree upgrade. All functionality from previous Greenboot versions is retained, so the health check features they are used to will still remain.

Future IoT Users leveraging bootc will notice Greenboot support included when setting up IoT with bootc. These Users will now have access to the health check and rollback features Greenboot provides, and will start to see a Greenboot MOTD when booting their systems.

Dependencies

N/A

Contingency Plan

In the event of unexpected issues or setbacks with Greenboot-RS implementation, we will rollback to the previous Bash Greenboot implementation. As the release plan for Greenboot-RS involves creating a separate Greenboot-RS package, rollback will be accomplished by reverting the Provides / Obsoletes / Conflicts in the new Greenboot-RS package.

• Contingency mechanism: Reverting the Provides / Obsoletes / Conflicts in the new Greenboot-RS package.
• Contingency deadline: 08-26-2025
• Blocks release? N/A (not a System Wide Change), Yes/No

Documentation

N/A (not a System Wide Change)

Release Notes