f175dd1134
Add 'use-fuse' config option to export /dev/fuse to realm.
2022-09-19 09:52:59 -04:00
3dbfda2c40
Use less memory when decompressing images for install
...
1. Delete source image before decompressing temporary file
2. Decompress the images serially instead of spawning a thread for each
one.
2022-05-27 18:06:52 -04:00
668227af1e
citadel-update: copy image files to tmp directory before updating
2021-12-16 16:22:30 -05:00
12eed4d557
Add use-media-dir config option and implement feature.
...
If enabled this will mount /run/media/citadel directory into Realm as
~/Media directory. This makes mounted storage devices visible inside of
Realms. By default this option is enabled only for the main realm.
2021-12-14 06:04:02 -05:00
841ee6016b
Fix a macro warning
2021-12-14 05:59:16 -05:00
160fc47494
Emit event when creating a new realm
2021-11-29 16:15:31 -05:00
9760dfc501
Added pid_namespace() method to Realm
2021-10-04 06:22:33 -04:00
1418462e2c
Don't update self.last_current here
2021-10-04 06:21:44 -04:00
8d8f9b69ee
Add citadel.revert-rootfs boot option
...
Forces booting from the older rootfs partition in case the newer
partition is broken or unbootable.
2021-10-04 06:09:26 -04:00
9fa6b5c9cb
Library API changes
2021-10-04 06:07:43 -04:00
96f7e8be7c
Updated base16.rs to match the updated package in citadel
2021-03-20 20:27:42 -04:00
ee7d0ef166
Fixed a problem where forked realmfs fields were not being updated
2021-01-29 23:06:02 -05:00
a77a7cc07b
Implement the wayland_socket config option for realms
2021-01-18 15:00:39 -05:00
ecca0f5002
Support a manifest line syntax for mounting from and to /sysroot
...
After a resource image has bind mounted directories to the /sysroot
tree, this new syntax makes it possible to then mount further directories
from /sysroot on top of the newly mounted tree.
2020-12-07 17:15:14 -05:00
695dc9da21
Fix a bug introduced during recent refactor
2020-08-07 10:23:35 -04:00
044d8a3457
Create /run/citadel/realms/current if it does not exist or inotify watch will fail
2020-08-05 16:07:47 -04:00
04df758fbb
Use correct format string
2020-08-05 11:22:48 -04:00
7b8cc0c9d4
Fixes a panic() during mkimage
2020-08-03 20:48:50 -04:00
3c195032bb
Refactor how mountpoint filenames are parsed into realmfs name and tag.
...
The old way was more complex and didn't work if realmfs name contains hyphen character.
2020-08-03 19:18:49 -04:00
c9d36aca59
Refactor of error handling to replace 'failure' and to display more context for some errors.
2020-08-03 19:18:49 -04:00
b759e761d3
Initial commit of GTK realm manager
2020-08-03 19:18:49 -04:00
61d5e10034
RealmFS refactored. Much Simpler.
...
The concept of an 'unsealed' RealmFS no longer exists so support for this has been
removed. The result is much less complex and easier to understand and maintain.
2020-08-03 19:18:49 -04:00
b1f5827096
Clean up some warnings
2020-08-03 19:18:49 -04:00
44d5ce660f
Put lockfile in /tmp so that unprivileged users can aquire it
2019-09-20 18:38:21 -04:00
4ce5d439d8
Look up realm by pid.
...
Added RealmManager::realm_by_pid() and dbus method RealmFromCitadelPid
2019-08-26 18:18:26 -04:00
d0eada1e3b
Initial commit of realms dbus daemon
2019-08-25 17:15:13 -04:00
9fb11e3317
Enhanced flexibility in how resource images are mounted.
...
Can now choose location at which resource image is mounted with
mount_at() method. This method also returns a handle which can be
used to later unmount the image.
2019-08-21 00:39:41 -04:00
2e781e2183
Add verity-tag field to verity devices for image types other than realmfs
...
This prevents device name collision when multiple images of the same
type are mounted.
2019-08-21 00:39:41 -04:00
d1f93e9f34
Refactor realm launching code into separate module.
2019-08-21 00:39:41 -04:00
79a52b7a46
fix typo in sha256sum path
2019-08-21 00:39:41 -04:00
f02a9ab4c5
fix realmfs resize calculation bug on update + add e2fsck prior to ext4 resize
2019-08-21 04:28:54 +00:00
7d89c47eb2
Clippy fixes
2019-04-03 16:05:09 -04:00
92cd59eb65
updated with changes to library
2019-04-02 15:17:46 -04:00
8a65aa1708
refactored scattered functions into a class
2019-04-02 15:16:49 -04:00
81e9e224fc
updated to use new ImageHeader correctly
2019-04-02 15:16:12 -04:00
cf85d10055
method added to construct keypair from raw bytes
2019-04-02 15:15:28 -04:00
e493e5180d
implemented some extra functionality
2019-04-02 15:14:41 -04:00
533ed4b8be
ImageHeader refactored to be thread safe and shareable
2019-04-02 15:13:13 -04:00
025d7f3aa4
functions for manipulating symlinks
2019-04-02 15:12:34 -04:00
f9311fa35e
improved logging system and macros
2019-04-02 15:12:10 -04:00
f1ff4e6e20
A new Command wrapper
2019-04-02 15:11:29 -04:00
6f007692dc
added citadel.debug as a recognized kernel command line var
2019-04-02 15:10:27 -04:00
b7d4f1e570
refactor of RealmFS into several components
2019-04-02 15:09:41 -04:00
fcbf63db8e
refactor of Realm into a module with various components
2019-04-02 15:08:55 -04:00
4b4e5f31e7
various low level system utils moved into system module
2019-04-02 15:00:01 -04:00
4bd8c3626f
a module for terminal colors and escape sequences
2019-04-02 14:57:29 -04:00
43800cdc6e
Initial implementation of keyring
...
Keyring is an encrypted file to store secrets. The encryption key is
derived from the disk decryption passphrase so that the file can be
automatically decrypted and processed during boot.
The keys contained in the keyring file are loaded into the kernel key
store so that they can later be retrieved by other components.
Currenly during installation a signing key is generated and stored in
the keyring so that the system can transparently sign RealmFS images
when the user modifies or updates them.
2019-02-02 20:42:42 -05:00
0e1a06ae7f
goodbye Ring hello sodiumoxide
2019-02-02 20:33:50 -05:00
2dc32d1f20
Refactor multiple tools into a single binary.
...
citadel-tool now installed with a hardlink for each binary tool and
dispatches on the exe path to the tool implementation. This makes
the build faster, uses less disk space, and makes it easier to
create new small tools.
2019-01-30 21:31:13 -05:00
e7151f8de2
Initial implementation of RealmFS
2019-01-30 14:26:46 -05:00