updated to new libcitadel api
parent
fff6ddb15a
commit
adbae8a971
@ -2,7 +2,6 @@ use std::path::{Path, PathBuf};
|
|||||||
use std::fs;
|
use std::fs;
|
||||||
|
|
||||||
use libcitadel::Result;
|
use libcitadel::Result;
|
||||||
use libcitadel::util;
|
|
||||||
|
|
||||||
///
|
///
|
||||||
/// Represents a disk partition device on the system
|
/// Represents a disk partition device on the system
|
||||||
@ -73,14 +72,14 @@ impl DiskPartition {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub fn mount<P: AsRef<Path>>(&self, target: P) -> Result<()> {
|
pub fn mount<P: AsRef<Path>>(&self, target: P) -> Result<()> {
|
||||||
util::exec_cmdline("/usr/bin/mount", format!("{} {}", self.path.display(), target.as_ref().display()))
|
cmd!("/usr/bin/mount", "{} {}", self.path.display(), target.as_ref().display())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn umount(&self) -> Result<()> {
|
pub fn umount(&self) -> Result<()> {
|
||||||
util::exec_cmdline("/usr/bin/umount", self.path().to_str().unwrap())
|
cmd!("/usr/bin/umount", "{}", self.path().display())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn partition_fstype(&self) -> Result<String> {
|
fn partition_fstype(&self) -> Result<String> {
|
||||||
util::exec_cmdline_with_output("/usr/bin/lsblk", format!("-dno FSTYPE {}", self.path().display()))
|
cmd_with_output!("/usr/bin/lsblk", "-dno FSTYPE {}", self.path().display())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
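Review bot: In `mount`, `umount` and `partition_fstype` the paths are interpolated with `{}` into one argument string for `cmd!` / `cmd_with_output!`. If those macros split the string on whitespace (their definition is not visible here), a path containing a space is passed to the tool as several arguments. `display()` is also lossy for non-UTF-8 names, so the command can act on a different path than the one held in `self.path`. `target` in `mount` is a caller-supplied `P: AsRef<Path>`, so this is not limited to kernel-generated device names. Prefer passing each path as its own argv entry, e.g. `Command::new("/usr/bin/mount").arg(&self.path).arg(target.as_ref())`, or reject paths containing whitespace before formatting. The `impl DiskPartition` block starts and ends outside these hunks.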
|
@ -1,12 +1,11 @@
|
|||||||
|
|
||||||
use std::thread::{self,JoinHandle};
|
|
||||||
use std::time;
|
|
||||||
use std::path::Path;
|
use std::path::Path;
|
||||||
use std::ffi::OsStr;
|
use std::ffi::OsStr;
|
||||||
use std::fs;
|
use std::fs;
|
||||||
|
use std::thread::{self,JoinHandle};
|
||||||
|
use std::time::{self,Instant};
|
||||||
|
|
||||||
use libcitadel::Result;
|
use libcitadel::Result;
|
||||||
use libcitadel::util;
|
|
||||||
use libcitadel::ResourceImage;
|
use libcitadel::ResourceImage;
|
||||||
use crate::boot::disks;
|
use crate::boot::disks;
|
||||||
use crate::boot::rootfs::setup_rootfs_resource;
|
use crate::boot::rootfs::setup_rootfs_resource;
|
||||||
@ -22,6 +21,7 @@ pub fn live_rootfs() -> Result<()> {
|
|||||||
|
|
||||||
pub fn live_setup() -> Result<()> {
|
pub fn live_setup() -> Result<()> {
|
||||||
decompress_images()?;
|
decompress_images()?;
|
||||||
|
info!("Starting live setup");
|
||||||
let live = Installer::new_livesetup();
|
let live = Installer::new_livesetup();
|
||||||
live.run()
|
live.run()
|
||||||
}
|
}
|
||||||
@ -64,7 +64,7 @@ fn deploy_artifacts() -> Result<()> {
|
|||||||
let run_images = Path::new(IMAGE_DIRECTORY);
|
let run_images = Path::new(IMAGE_DIRECTORY);
|
||||||
if !run_images.exists() {
|
if !run_images.exists() {
|
||||||
fs::create_dir_all(run_images)?;
|
fs::create_dir_all(run_images)?;
|
||||||
util::exec_cmdline("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?;
|
cmd!("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?;
|
||||||
}
|
}
|
||||||
|
|
||||||
for entry in fs::read_dir("/boot/images")? {
|
for entry in fs::read_dir("/boot/images")? {
|
||||||
@ -122,7 +122,7 @@ fn find_rootfs_image() -> Result<ResourceImage> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn decompress_images() -> Result<()> {
|
fn decompress_images() -> Result<()> {
|
||||||
println!("decompressing images");
|
info!("Decompressing images");
|
||||||
let mut threads = Vec::new();
|
let mut threads = Vec::new();
|
||||||
for entry in fs::read_dir("/run/citadel/images")? {
|
for entry in fs::read_dir("/run/citadel/images")? {
|
||||||
let entry = entry?;
|
let entry = entry?;
|
||||||
@ -137,12 +137,20 @@ fn decompress_images() -> Result<()> {
|
|||||||
for t in threads {
|
for t in threads {
|
||||||
t.join().unwrap()?;
|
t.join().unwrap()?;
|
||||||
}
|
}
|
||||||
|
info!("Finished decompressing images");
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
fn decompress_one_image(image: ResourceImage) -> JoinHandle<Result<()>> {
|
fn decompress_one_image(image: ResourceImage) -> JoinHandle<Result<()>> {
|
||||||
thread::spawn(move ||{
|
thread::spawn(move || {
|
||||||
image.decompress()
|
let start = Instant::now();
|
||||||
|
info!("Decompressing {}", image.path().display());
|
||||||
|
image.decompress()?;
|
||||||
|
cmd!("/usr/bin/du", "-h {}", image.path().display())?;
|
||||||
|
info!("Decompress {:?} finished in {} seconds",
|
||||||
|
image.path().file_name().unwrap(),
|
||||||
|
start.elapsed().as_secs());
|
||||||
|
Ok(())
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
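Review bot: In `decompress_one_image` the purely informational `cmd!("/usr/bin/du", ...)?` now propagates its error, so a missing or failing `du` makes the worker return `Err` and `decompress_images` aborts live setup even though `image.decompress()` succeeded. Log the failure instead of returning it, e.g. `if let Err(e) = cmd!("/usr/bin/du", "-h {}", image.path().display()) { warn!("du failed: {}", e); }` (assuming `warn!` is available in this module the way `info!` is). In the same closure `image.path().file_name().unwrap()` panics when the path has no final component, and that panic resurfaces through `t.join().unwrap()` in the parent. Using `image.path().display()`, as the first log line already does, avoids it.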
|
@ -1,15 +1,18 @@
|
|||||||
use std::fs;
|
use std::fs;
|
||||||
use std::process::exit;
|
use std::process::exit;
|
||||||
|
|
||||||
use libcitadel::{util,Result,ResourceImage,CommandLine,set_verbose,format_error,KeyRing};
|
use libcitadel::{Result,ResourceImage,CommandLine,format_error,KeyRing,LogLevel,Logger};
|
||||||
|
use libcitadel::RealmManager;
|
||||||
|
|
||||||
mod live;
|
mod live;
|
||||||
mod disks;
|
mod disks;
|
||||||
mod rootfs;
|
mod rootfs;
|
||||||
|
|
||||||
pub fn main(args: Vec<String>) {
|
pub fn main(args: Vec<String>) {
|
||||||
if CommandLine::verbose() {
|
if CommandLine::debug() {
|
||||||
set_verbose(true);
|
Logger::set_log_level(LogLevel::Debug);
|
||||||
|
} else if CommandLine::verbose() {
|
||||||
|
Logger::set_log_level(LogLevel::Info);
|
||||||
}
|
}
|
||||||
|
|
||||||
let command = args.iter().skip(1).next();
|
let command = args.iter().skip(1).next();
|
||||||
@ -17,6 +20,7 @@ pub fn main(args: Vec<String>) {
|
|||||||
let result = match command {
|
let result = match command {
|
||||||
Some(s) if s == "rootfs" => do_rootfs(),
|
Some(s) if s == "rootfs" => do_rootfs(),
|
||||||
Some(s) if s == "setup" => do_setup(),
|
Some(s) if s == "setup" => do_setup(),
|
||||||
|
Some(s) if s == "start-realms" => do_start_realms(),
|
||||||
_ => Err(format_err!("Bad or missing argument")),
|
_ => Err(format_err!("Bad or missing argument")),
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -30,11 +34,7 @@ fn do_rootfs() -> Result<()> {
|
|||||||
if CommandLine::live_mode() || CommandLine::install_mode() {
|
if CommandLine::live_mode() || CommandLine::install_mode() {
|
||||||
live::live_rootfs()
|
live::live_rootfs()
|
||||||
} else {
|
} else {
|
||||||
rootfs::setup_rootfs()?;
|
rootfs::setup_rootfs()
|
||||||
if let Err(err) = setup_keyring() {
|
|
||||||
warn!("Failed to setup keyring: {}", err);
|
|
||||||
}
|
|
||||||
Ok(())
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -45,10 +45,13 @@ fn setup_keyring() -> Result<()> {
|
|||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
fn do_setup() -> Result<()> {
|
fn do_setup() -> Result<()> {
|
||||||
if CommandLine::live_mode() || CommandLine::install_mode() {
|
if CommandLine::live_mode() || CommandLine::install_mode() {
|
||||||
live::live_setup()?;
|
live::live_setup()?;
|
||||||
|
} else {
|
||||||
|
if let Err(err) = setup_keyring() {
|
||||||
|
warn!("Failed to setup keyring: {}", err);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ResourceImage::mount_image_type("kernel")?;
|
ResourceImage::mount_image_type("kernel")?;
|
||||||
@ -65,21 +68,26 @@ fn mount_overlay() -> Result<()> {
|
|||||||
|
|
||||||
info!("Moving /sysroot mount to /rootfs.ro");
|
info!("Moving /sysroot mount to /rootfs.ro");
|
||||||
fs::create_dir_all("/rootfs.ro")?;
|
fs::create_dir_all("/rootfs.ro")?;
|
||||||
util::exec_cmdline("/usr/bin/mount", "--make-private /")?;
|
cmd!("/usr/bin/mount", "--make-private /")?;
|
||||||
util::exec_cmdline("/usr/bin/mount", "--move /sysroot /rootfs.ro")?;
|
cmd!("/usr/bin/mount", "--move /sysroot /rootfs.ro")?;
|
||||||
info!("Mounting tmpfs on /rootfs.rw");
|
info!("Mounting tmpfs on /rootfs.rw");
|
||||||
fs::create_dir_all("/rootfs.rw")?;
|
fs::create_dir_all("/rootfs.rw")?;
|
||||||
util::exec_cmdline("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?;
|
cmd!("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?;
|
||||||
info!("Creating /rootfs.rw/work /rootfs.rw/upperdir");
|
info!("Creating /rootfs.rw/work /rootfs.rw/upperdir");
|
||||||
fs::create_dir_all("/rootfs.rw/upperdir")?;
|
fs::create_dir_all("/rootfs.rw/upperdir")?;
|
||||||
fs::create_dir_all("/rootfs.rw/work")?;
|
fs::create_dir_all("/rootfs.rw/work")?;
|
||||||
info!("Mounting overlay on /sysroot");
|
info!("Mounting overlay on /sysroot");
|
||||||
util::exec_cmdline("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?;
|
cmd!("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?;
|
||||||
|
|
||||||
info!("Moving /rootfs.ro and /rootfs.rw to new root");
|
info!("Moving /rootfs.ro and /rootfs.rw to new root");
|
||||||
fs::create_dir_all("/sysroot/rootfs.ro")?;
|
fs::create_dir_all("/sysroot/rootfs.ro")?;
|
||||||
fs::create_dir_all("/sysroot/rootfs.rw")?;
|
fs::create_dir_all("/sysroot/rootfs.rw")?;
|
||||||
util::exec_cmdline("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?;
|
cmd!("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?;
|
||||||
util::exec_cmdline("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?;
|
cmd!("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn do_start_realms() -> Result<()> {
|
||||||
|
let manager = RealmManager::load()?;
|
||||||
|
manager.start_boot_realms()
|
||||||
|
}
|
||||||
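Review bot: The new `else` branch in `do_setup` reduces a `setup_keyring()` failure to a `warn!`, and the `ResourceImage::mount_image_type(...)` calls that follow run regardless. Nothing here states whether those mounts, or the realms started later by `do_start_realms`, rely on keys from the keyring. If they do, the error should be returned with `setup_keyring()?`. If best-effort is intended, say so at the call site with a comment such as `// Keyring is optional at this stage: <reason>; continue without it`. Moving the call from `do_rootfs` to `do_setup` also changes when the keyring becomes available during boot, which deserves a line in the commit description. `do_setup` continues outside the hunk.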
|
@ -1,8 +1,9 @@
|
|||||||
use std::process::Command;
|
use std::process::Command;
|
||||||
|
|
||||||
use libcitadel::{BlockDev,ResourceImage,CommandLine,ImageHeader,Partition,Result,verity};
|
use libcitadel::{BlockDev, ResourceImage, CommandLine, ImageHeader, Partition, Result, LoopDevice};
|
||||||
use std::path::Path;
|
use std::path::Path;
|
||||||
use std::process::Stdio;
|
use std::process::Stdio;
|
||||||
|
use libcitadel::verity::Verity;
|
||||||
|
|
||||||
pub fn setup_rootfs() -> Result<()> {
|
pub fn setup_rootfs() -> Result<()> {
|
||||||
let mut p = choose_boot_partiton(true)?;
|
let mut p = choose_boot_partiton(true)?;
|
||||||
@ -25,9 +26,9 @@ fn setup_resource_unverified(img: &ResourceImage) -> Result<()> {
|
|||||||
if img.is_compressed() {
|
if img.is_compressed() {
|
||||||
img.decompress()?;
|
img.decompress()?;
|
||||||
}
|
}
|
||||||
let loopdev = img.create_loopdev()?;
|
let loopdev = LoopDevice::create(img.path(), Some(4096), true)?;
|
||||||
info!("Loop device created: {}", loopdev.display());
|
info!("Loop device created: {}", loopdev);
|
||||||
setup_linear_mapping(&loopdev)
|
setup_linear_mapping(loopdev.device())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn setup_resource_verified(img: &ResourceImage) -> Result<()> {
|
fn setup_resource_verified(img: &ResourceImage) -> Result<()> {
|
||||||
@ -52,7 +53,7 @@ fn setup_partition_verified(p: &mut Partition) -> Result<()> {
|
|||||||
}
|
}
|
||||||
info!("Image signature is valid for channel {}", p.metainfo().channel());
|
info!("Image signature is valid for channel {}", p.metainfo().channel());
|
||||||
}
|
}
|
||||||
verity::setup_partition_device(p)?;
|
Verity::setup_partition(p)?;
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
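Review bot: In `setup_resource_unverified`, `LoopDevice::create(img.path(), Some(4096), true)` passes a bare `4096` and a bare `true` whose meaning cannot be read at the call site. They are presumably the header offset and a read-only flag, which is worth confirming against libcitadel. On the unverified-image path it matters that the loop device is attached read-only and at the right offset, so make that explicit with a named constant and a comment, e.g. `const IMAGE_HEADER_LEN: usize = 4096;` and `// read-only: the image has not been signature-checked on this path`. The function starts outside the hunk.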
|