mirror of
https://github.com/systemd/systemd
synced 2025-09-28 16:24:45 +02:00
Compare commits
7 Commits
9ae5fed64e
...
664e54b1bb
Author | SHA1 | Date | |
---|---|---|---|
664e54b1bb | ||
9d252fbb94 | ||
6a117acf5e | ||
052ba0ebae | ||
2ab214eac1 | ||
5183c50add | ||
1f5a21324c |
@ -110,11 +110,11 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
|
||||
}
|
||||
|
||||
if (unshare(CLONE_NEWNET) < 0)
|
||||
log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
|
||||
log_warning_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
|
||||
|
||||
r = capability_bounding_set_drop(retain, true);
|
||||
if (r < 0)
|
||||
log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
|
||||
log_warning_errno(r, "Failed to drop capabilities, ignoring: %m");
|
||||
|
||||
/* Try "gtar" before "tar". We only test things upstream with GNU tar. Some distros appear to
|
||||
* install a different implementation as "tar" (in particular some that do not support the
|
||||
|
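Review bot: When `unshare(CLONE_NEWNET)` or `capability_bounding_set_drop()` fails in import_fork_tar_x(), the tar child still proceeds with less isolation than intended, and neither site says why that is acceptable. The messages say "ignoring", and the failure appears to be reported only at warning level now, so it is easier to miss in logs. Since this child is also started from the pull path (tar_pull_job_on_open_disk_tar), the archive may come from outside the host. A comment above the two calls, for example `/* Best effort: tar still runs if these fail, but keeps network access and/or the full capability bounding set */`, would state that trade-off. The function body starts and ends outside this hunk.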
@ -3,6 +3,13 @@
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
typedef enum ImportFlags {
|
||||
IMPORT_FORCE = 1 << 0, /* replace existing image */
|
||||
IMPORT_READ_ONLY = 1 << 1, /* make generated image read-only */
|
||||
|
||||
IMPORT_FLAGS_MASK = IMPORT_FORCE|IMPORT_READ_ONLY,
|
||||
} ImportFlags;
|
||||
|
||||
int import_make_read_only_fd(int fd);
|
||||
int import_make_read_only(const char *path);
|
||||
|
||||
|
@ -196,6 +196,7 @@ static int import_fs(int argc, char *argv[], void *userdata) {
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
(void) import_assign_pool_quota_and_warn(arg_image_root);
|
||||
(void) import_assign_pool_quota_and_warn(temp_path);
|
||||
|
||||
if (arg_read_only) {
|
||||
|
@ -34,8 +34,7 @@ struct RawImport {
|
||||
void *userdata;
|
||||
|
||||
char *local;
|
||||
bool force_local;
|
||||
bool read_only;
|
||||
ImportFlags flags;
|
||||
|
||||
char *temp_path;
|
||||
char *final_path;
|
||||
@ -213,13 +212,13 @@ static int raw_import_finish(RawImport *i) {
|
||||
(void) copy_xattr(i->input_fd, i->output_fd);
|
||||
}
|
||||
|
||||
if (i->read_only) {
|
||||
if (i->flags & IMPORT_READ_ONLY) {
|
||||
r = import_make_read_only_fd(i->output_fd);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
if (i->force_local)
|
||||
if (i->flags & IMPORT_FORCE)
|
||||
(void) rm_rf(i->final_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
|
||||
|
||||
r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
|
||||
@ -386,12 +385,13 @@ static int raw_import_on_defer(sd_event_source *s, void *userdata) {
|
||||
return raw_import_process(i);
|
||||
}
|
||||
|
||||
int raw_import_start(RawImport *i, int fd, const char *local, bool force_local, bool read_only) {
|
||||
int raw_import_start(RawImport *i, int fd, const char *local, ImportFlags flags) {
|
||||
int r;
|
||||
|
||||
assert(i);
|
||||
assert(fd >= 0);
|
||||
assert(local);
|
||||
assert(!(flags & ~IMPORT_FLAGS_MASK));
|
||||
|
||||
if (!hostname_is_valid(local, 0))
|
||||
return -EINVAL;
|
||||
@ -406,8 +406,8 @@ int raw_import_start(RawImport *i, int fd, const char *local, bool force_local,
|
||||
r = free_and_strdup(&i->local, local);
|
||||
if (r < 0)
|
||||
return r;
|
||||
i->force_local = force_local;
|
||||
i->read_only = read_only;
|
||||
|
||||
i->flags = flags;
|
||||
|
||||
if (fstat(fd, &i->st) < 0)
|
||||
return -errno;
|
||||
|
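Review bot: The flag tests in raw_import_finish() are written as bare `i->flags & IMPORT_READ_ONLY` and `i->flags & IMPORT_FORCE`, while the command-line side of the same change uses `FLAGS_SET(arg_import_flags, IMPORT_FORCE)`. Using one form throughout, e.g. `if (FLAGS_SET(i->flags, IMPORT_READ_ONLY))`, keeps the checks uniform and stays correct if a multi-bit flag is ever added to ImportFlags. The same applies to the two tests in tar_import_finish(). Both functions begin and end outside their hunks.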
@ -3,6 +3,7 @@
|
||||
|
||||
#include "sd-event.h"
|
||||
|
||||
#include "import-common.h"
|
||||
#include "import-util.h"
|
||||
#include "macro.h"
|
||||
|
||||
@ -15,4 +16,4 @@ RawImport* raw_import_unref(RawImport *import);
|
||||
|
||||
DEFINE_TRIVIAL_CLEANUP_FUNC(RawImport*, raw_import_unref);
|
||||
|
||||
int raw_import_start(RawImport *i, int fd, const char *local, bool force_local, bool read_only);
|
||||
int raw_import_start(RawImport *i, int fd, const char *local, ImportFlags flags);
|
||||
|
@ -36,8 +36,7 @@ struct TarImport {
|
||||
void *userdata;
|
||||
|
||||
char *local;
|
||||
bool force_local;
|
||||
bool read_only;
|
||||
ImportFlags flags;
|
||||
|
||||
char *temp_path;
|
||||
char *final_path;
|
||||
@ -183,13 +182,13 @@ static int tar_import_finish(TarImport *i) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
if (i->read_only) {
|
||||
if (i->flags & IMPORT_READ_ONLY) {
|
||||
r = import_make_read_only(i->temp_path);
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
|
||||
if (i->force_local)
|
||||
if (i->flags & IMPORT_FORCE)
|
||||
(void) rm_rf(i->final_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
|
||||
|
||||
r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
|
||||
@ -223,8 +222,10 @@ static int tar_import_fork_tar(TarImport *i) {
|
||||
r = btrfs_subvol_make_fallback(i->temp_path, 0755);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to create directory/subvolume %s: %m", i->temp_path);
|
||||
if (r > 0) /* actually btrfs subvol */
|
||||
if (r > 0) { /* actually btrfs subvol */
|
||||
(void) import_assign_pool_quota_and_warn(i->image_root);
|
||||
(void) import_assign_pool_quota_and_warn(i->temp_path);
|
||||
}
|
||||
|
||||
i->tar_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
|
||||
if (i->tar_fd < 0)
|
||||
@ -322,12 +323,13 @@ static int tar_import_on_defer(sd_event_source *s, void *userdata) {
|
||||
return tar_import_process(i);
|
||||
}
|
||||
|
||||
int tar_import_start(TarImport *i, int fd, const char *local, bool force_local, bool read_only) {
|
||||
int tar_import_start(TarImport *i, int fd, const char *local, ImportFlags flags) {
|
||||
int r;
|
||||
|
||||
assert(i);
|
||||
assert(fd >= 0);
|
||||
assert(local);
|
||||
assert(!(flags & ~IMPORT_FLAGS_MASK));
|
||||
|
||||
if (!hostname_is_valid(local, 0))
|
||||
return -EINVAL;
|
||||
@ -342,8 +344,8 @@ int tar_import_start(TarImport *i, int fd, const char *local, bool force_local,
|
||||
r = free_and_strdup(&i->local, local);
|
||||
if (r < 0)
|
||||
return r;
|
||||
i->force_local = force_local;
|
||||
i->read_only = read_only;
|
||||
|
||||
i->flags = flags;
|
||||
|
||||
if (fstat(fd, &i->st) < 0)
|
||||
return -errno;
|
||||
|
@ -3,6 +3,7 @@
|
||||
|
||||
#include "sd-event.h"
|
||||
|
||||
#include "import-common.h"
|
||||
#include "import-util.h"
|
||||
#include "macro.h"
|
||||
|
||||
@ -15,4 +16,4 @@ TarImport* tar_import_unref(TarImport *import);
|
||||
|
||||
DEFINE_TRIVIAL_CLEANUP_FUNC(TarImport*, tar_import_unref);
|
||||
|
||||
int tar_import_start(TarImport *import, int fd, const char *local, bool force_local, bool read_only);
|
||||
int tar_import_start(TarImport *import, int fd, const char *local, ImportFlags flags);
|
||||
|
@ -19,9 +19,8 @@
|
||||
#include "string-util.h"
|
||||
#include "verbs.h"
|
||||
|
||||
static bool arg_force = false;
|
||||
static bool arg_read_only = false;
|
||||
static const char *arg_image_root = "/var/lib/machines";
|
||||
static ImportFlags arg_import_flags = 0;
|
||||
|
||||
static int interrupt_signal_handler(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
|
||||
log_notice("Transfer aborted.");
|
||||
@ -48,14 +47,12 @@ static int import_tar(int argc, char *argv[], void *userdata) {
|
||||
int r, fd;
|
||||
|
||||
if (argc >= 2)
|
||||
path = argv[1];
|
||||
path = empty_or_dash_to_null(path);
|
||||
path = empty_or_dash_to_null(argv[1]);
|
||||
|
||||
if (argc >= 3)
|
||||
local = argv[2];
|
||||
local = empty_or_dash_to_null(argv[2]);
|
||||
else if (path)
|
||||
local = basename(path);
|
||||
local = empty_or_dash_to_null(local);
|
||||
|
||||
if (local) {
|
||||
r = tar_strip_suffixes(local, &ll);
|
||||
@ -69,17 +66,16 @@ static int import_tar(int argc, char *argv[], void *userdata) {
|
||||
"Local image name '%s' is not valid.",
|
||||
local);
|
||||
|
||||
if (!arg_force) {
|
||||
if (!FLAGS_SET(arg_import_flags, IMPORT_FORCE)) {
|
||||
r = image_find(IMAGE_MACHINE, local, NULL, NULL);
|
||||
if (r < 0) {
|
||||
if (r != -ENOENT)
|
||||
return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
|
||||
} else {
|
||||
} else
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EEXIST),
|
||||
"Image '%s' already exists.",
|
||||
local);
|
||||
}
|
||||
}
|
||||
} else
|
||||
local = "imported";
|
||||
|
||||
@ -112,7 +108,7 @@ static int import_tar(int argc, char *argv[], void *userdata) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to allocate importer: %m");
|
||||
|
||||
r = tar_import_start(import, fd, local, arg_force, arg_read_only);
|
||||
r = tar_import_start(import, fd, local, arg_import_flags);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to import image: %m");
|
||||
|
||||
@ -143,14 +139,12 @@ static int import_raw(int argc, char *argv[], void *userdata) {
|
||||
int r, fd;
|
||||
|
||||
if (argc >= 2)
|
||||
path = argv[1];
|
||||
path = empty_or_dash_to_null(path);
|
||||
path = empty_or_dash_to_null(argv[1]);
|
||||
|
||||
if (argc >= 3)
|
||||
local = argv[2];
|
||||
local = empty_or_dash_to_null(argv[2]);
|
||||
else if (path)
|
||||
local = basename(path);
|
||||
local = empty_or_dash_to_null(local);
|
||||
|
||||
if (local) {
|
||||
r = raw_strip_suffixes(local, &ll);
|
||||
@ -164,17 +158,16 @@ static int import_raw(int argc, char *argv[], void *userdata) {
|
||||
"Local image name '%s' is not valid.",
|
||||
local);
|
||||
|
||||
if (!arg_force) {
|
||||
if (!FLAGS_SET(arg_import_flags, IMPORT_FORCE)) {
|
||||
r = image_find(IMAGE_MACHINE, local, NULL, NULL);
|
||||
if (r < 0) {
|
||||
if (r != -ENOENT)
|
||||
return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
|
||||
} else {
|
||||
} else
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EEXIST),
|
||||
"Image '%s' already exists.",
|
||||
local);
|
||||
}
|
||||
}
|
||||
} else
|
||||
local = "imported";
|
||||
|
||||
@ -207,7 +200,7 @@ static int import_raw(int argc, char *argv[], void *userdata) {
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to allocate importer: %m");
|
||||
|
||||
r = raw_import_start(import, fd, local, arg_force, arg_read_only);
|
||||
r = raw_import_start(import, fd, local, arg_import_flags);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to import image: %m");
|
||||
|
||||
@ -270,7 +263,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
return version();
|
||||
|
||||
case ARG_FORCE:
|
||||
arg_force = true;
|
||||
arg_import_flags |= IMPORT_FORCE;
|
||||
break;
|
||||
|
||||
case ARG_IMAGE_ROOT:
|
||||
@ -278,7 +271,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
break;
|
||||
|
||||
case ARG_READ_ONLY:
|
||||
arg_read_only = true;
|
||||
arg_import_flags |= IMPORT_READ_ONLY;
|
||||
break;
|
||||
|
||||
case '?':
|
||||
|
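Review bot: In import_tar(), the `else if (path)` branch now assigns `local = basename(path);` without the `empty_or_dash_to_null()` pass that previously ran on `local` in every case, and import_raw() has the same shape. Assuming the old and new sides are as the hunk line counts suggest, a path whose last component comes out empty or as `-` would now reach the name validation and fail with "is not valid" instead of falling back to `imported`. Writing the branch as `local = empty_or_dash_to_null(basename(path));` keeps the earlier behaviour. Both functions extend beyond the visible hunks.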
@ -424,8 +424,10 @@ static int tar_pull_job_on_open_disk_tar(PullJob *j) {
|
||||
r = btrfs_subvol_make_fallback(i->temp_path, 0755);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to create directory/subvolume %s: %m", i->temp_path);
|
||||
if (r > 0) /* actually btrfs subvol */
|
||||
if (r > 0) { /* actually btrfs subvol */
|
||||
(void) import_assign_pool_quota_and_warn(i->image_root);
|
||||
(void) import_assign_pool_quota_and_warn(i->temp_path);
|
||||
}
|
||||
|
||||
j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
|
||||
if (j->disk_fd < 0)
|
||||
|
@ -3488,7 +3488,7 @@ static int help(void) {
|
||||
" them\n"
|
||||
" --can-factory-reset Test whether factory reset is defined\n"
|
||||
" --root=PATH Operate relative to root path\n"
|
||||
" --definitions=DIR Find partitions in specified directory\n"
|
||||
" --definitions=DIR Find partition definitions in specified directory\n"
|
||||
" --key-file=PATH Key to use when encrypting partitions\n"
|
||||
" --tpm2-device=PATH Path to TPM2 device node to use\n"
|
||||
" --tpm2-pcrs=PCR1,PCR2,…\n"
|
||||
|
@ -143,15 +143,7 @@ int raw_strip_suffixes(const char *p, char **ret) {
|
||||
int import_assign_pool_quota_and_warn(const char *path) {
|
||||
int r;
|
||||
|
||||
r = btrfs_subvol_auto_qgroup("/var/lib/machines", 0, true);
|
||||
if (r == -ENOTTY) {
|
||||
log_debug_errno(r, "Failed to set up default quota hierarchy for /var/lib/machines, as directory is not on btrfs or not a subvolume. Ignoring.");
|
||||
return 0;
|
||||
}
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to set up default quota hierarchy for /var/lib/machines: %m");
|
||||
if (r > 0)
|
||||
log_info("Set up default quota hierarchy for /var/lib/machines.");
|
||||
assert(path);
|
||||
|
||||
r = btrfs_subvol_auto_qgroup(path, 0, true);
|
||||
if (r == -ENOTTY) {
|
||||
|
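Review bot: import_assign_pool_quota_and_warn() no longer sets up the quota hierarchy for the hard-coded `/var/lib/machines` and acts only on `path`, so every caller now has to invoke it for the image root itself. The callers visible in this change (import_fs, tar_import_fork_tar, tar_pull_job_on_open_disk_tar) do that, but nothing at the definition states the new contract. A short comment above the function, such as `/* Sets up the quota hierarchy for 'path' only; callers must handle the image root separately */`, would keep a future caller from silently losing the pool-level setup. The function body continues past the end of the hunk.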