ostree-admin-unlock — Prepare the current deployment for hotfix or development
ostree admin unlock [OPTIONS...]
Remove the read-only bind mount on /usr
and replace it with a writable overlay filesystem. This
default invocation of "unlock" is intended for
development/testing purposes. All changes in the overlay
are lost on reboot. However, this command also supports
"hotfixes", see below.
--hotfixIf this option is provided, the
current deployment will be cloned as a rollback
target. This option is intended for things like
emergency security updates to userspace components
such as sshd. The semantics here
differ from the default "development" unlock mode
in that reboots will retain any changes (which is what
you likely want for security hotfixes).