updated to new libcitadel api

Bruce Leidl 2019-04-02 15:26:09 -04:00
parent fff6ddb15a
commit adbae8a971
4 changed files with 47 additions and 31 deletions


@ -2,7 +2,6 @@ use std::path::{Path, PathBuf};
use std::fs; use std::fs;
use libcitadel::Result; use libcitadel::Result;
use libcitadel::util;
/// ///
/// Represents a disk partition device on the system /// Represents a disk partition device on the system
@ -73,14 +72,14 @@ impl DiskPartition {
} }
pub fn mount<P: AsRef<Path>>(&self, target: P) -> Result<()> { pub fn mount<P: AsRef<Path>>(&self, target: P) -> Result<()> {
util::exec_cmdline("/usr/bin/mount", format!("{} {}", self.path.display(), target.as_ref().display())) cmd!("/usr/bin/mount", "{} {}", self.path.display(), target.as_ref().display())
} }
pub fn umount(&self) -> Result<()> { pub fn umount(&self) -> Result<()> {
util::exec_cmdline("/usr/bin/umount", self.path().to_str().unwrap()) cmd!("/usr/bin/umount", "{}", self.path().display())
} }
fn partition_fstype(&self) -> Result<String> { fn partition_fstype(&self) -> Result<String> {
util::exec_cmdline_with_output("/usr/bin/lsblk", format!("-dno FSTYPE {}", self.path().display())) cmd_with_output!("/usr/bin/lsblk", "-dno FSTYPE {}", self.path().display())
} }
} }
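Review bot: In `mount`, `umount` and `partition_fstype` the device and target paths are still formatted into a single command-line string (`"{} {}"`, `"-dno FSTYPE {}"`). If `cmd!` splits that string on whitespace (its definition is not on this page), a path containing a space or beginning with `-` would reach the tool as extra arguments or options. Passing each path as its own argument avoids this, for example `Command::new("/usr/bin/mount").arg(&self.path).arg(target.as_ref())` from `std::process`, or an argument-list form of the macro if libcitadel provides one. `Path::display()` is also lossy for non-UTF-8 names, so the string handed to the tool may not be the path on disk. The `impl DiskPartition` block begins outside the hunk.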


@ -1,12 +1,11 @@
use std::thread::{self,JoinHandle};
use std::time;
use std::path::Path; use std::path::Path;
use std::ffi::OsStr; use std::ffi::OsStr;
use std::fs; use std::fs;
use std::thread::{self,JoinHandle};
use std::time::{self,Instant};
use libcitadel::Result; use libcitadel::Result;
use libcitadel::util;
use libcitadel::ResourceImage; use libcitadel::ResourceImage;
use crate::boot::disks; use crate::boot::disks;
use crate::boot::rootfs::setup_rootfs_resource; use crate::boot::rootfs::setup_rootfs_resource;
@ -22,6 +21,7 @@ pub fn live_rootfs() -> Result<()> {
pub fn live_setup() -> Result<()> { pub fn live_setup() -> Result<()> {
decompress_images()?; decompress_images()?;
info!("Starting live setup");
let live = Installer::new_livesetup(); let live = Installer::new_livesetup();
live.run() live.run()
} }
@ -64,7 +64,7 @@ fn deploy_artifacts() -> Result<()> {
let run_images = Path::new(IMAGE_DIRECTORY); let run_images = Path::new(IMAGE_DIRECTORY);
if !run_images.exists() { if !run_images.exists() {
fs::create_dir_all(run_images)?; fs::create_dir_all(run_images)?;
util::exec_cmdline("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?; cmd!("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?;
} }
for entry in fs::read_dir("/boot/images")? { for entry in fs::read_dir("/boot/images")? {
@ -122,7 +122,7 @@ fn find_rootfs_image() -> Result<ResourceImage> {
} }
fn decompress_images() -> Result<()> { fn decompress_images() -> Result<()> {
println!("decompressing images"); info!("Decompressing images");
let mut threads = Vec::new(); let mut threads = Vec::new();
for entry in fs::read_dir("/run/citadel/images")? { for entry in fs::read_dir("/run/citadel/images")? {
let entry = entry?; let entry = entry?;
@ -137,12 +137,20 @@ fn decompress_images() -> Result<()> {
for t in threads { for t in threads {
t.join().unwrap()?; t.join().unwrap()?;
} }
info!("Finished decompressing images");
Ok(()) Ok(())
} }
fn decompress_one_image(image: ResourceImage) -> JoinHandle<Result<()>> { fn decompress_one_image(image: ResourceImage) -> JoinHandle<Result<()>> {
thread::spawn(move || { thread::spawn(move || {
image.decompress() let start = Instant::now();
info!("Decompressing {}", image.path().display());
image.decompress()?;
cmd!("/usr/bin/du", "-h {}", image.path().display())?;
info!("Decompress {:?} finished in {} seconds",
image.path().file_name().unwrap(),
start.elapsed().as_secs());
Ok(())
}) })
} }
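Review bot: In `decompress_one_image` the added `cmd!("/usr/bin/du", "-h {}", image.path().display())?;` makes a purely diagnostic size report fatal. If `du` is missing or exits non-zero, the worker returns `Err` and `decompress_images` aborts live setup even though the image decompressed correctly. Log and continue instead, e.g. `if let Err(e) = cmd!("/usr/bin/du", "-h {}", image.path().display()) { warn!("du failed: {}", e); }` (assuming `warn!` is in scope in this file as `info!` is). The `image.path().file_name().unwrap()` in the timing message can also panic the worker thread for a path with no final component; `image.path().display()`, as used in the "Decompressing" message above it, avoids that.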


@ -1,15 +1,18 @@
use std::fs; use std::fs;
use std::process::exit; use std::process::exit;
use libcitadel::{util,Result,ResourceImage,CommandLine,set_verbose,format_error,KeyRing}; use libcitadel::{Result,ResourceImage,CommandLine,format_error,KeyRing,LogLevel,Logger};
use libcitadel::RealmManager;
mod live; mod live;
mod disks; mod disks;
mod rootfs; mod rootfs;
pub fn main(args: Vec<String>) { pub fn main(args: Vec<String>) {
if CommandLine::verbose() { if CommandLine::debug() {
set_verbose(true); Logger::set_log_level(LogLevel::Debug);
} else if CommandLine::verbose() {
Logger::set_log_level(LogLevel::Info);
} }
let command = args.iter().skip(1).next(); let command = args.iter().skip(1).next();
@ -17,6 +20,7 @@ pub fn main(args: Vec<String>) {
let result = match command { let result = match command {
Some(s) if s == "rootfs" => do_rootfs(), Some(s) if s == "rootfs" => do_rootfs(),
Some(s) if s == "setup" => do_setup(), Some(s) if s == "setup" => do_setup(),
Some(s) if s == "start-realms" => do_start_realms(),
_ => Err(format_err!("Bad or missing argument")), _ => Err(format_err!("Bad or missing argument")),
}; };
@ -30,11 +34,7 @@ fn do_rootfs() -> Result<()> {
if CommandLine::live_mode() || CommandLine::install_mode() { if CommandLine::live_mode() || CommandLine::install_mode() {
live::live_rootfs() live::live_rootfs()
} else { } else {
rootfs::setup_rootfs()?; rootfs::setup_rootfs()
if let Err(err) = setup_keyring() {
warn!("Failed to setup keyring: {}", err);
}
Ok(())
} }
} }
@ -45,10 +45,13 @@ fn setup_keyring() -> Result<()> {
Ok(()) Ok(())
} }
fn do_setup() -> Result<()> { fn do_setup() -> Result<()> {
if CommandLine::live_mode() || CommandLine::install_mode() { if CommandLine::live_mode() || CommandLine::install_mode() {
live::live_setup()?; live::live_setup()?;
} else {
if let Err(err) = setup_keyring() {
warn!("Failed to setup keyring: {}", err);
}
} }
ResourceImage::mount_image_type("kernel")?; ResourceImage::mount_image_type("kernel")?;
@ -65,21 +68,26 @@ fn mount_overlay() -> Result<()> {
info!("Moving /sysroot mount to /rootfs.ro"); info!("Moving /sysroot mount to /rootfs.ro");
fs::create_dir_all("/rootfs.ro")?; fs::create_dir_all("/rootfs.ro")?;
util::exec_cmdline("/usr/bin/mount", "--make-private /")?; cmd!("/usr/bin/mount", "--make-private /")?;
util::exec_cmdline("/usr/bin/mount", "--move /sysroot /rootfs.ro")?; cmd!("/usr/bin/mount", "--move /sysroot /rootfs.ro")?;
info!("Mounting tmpfs on /rootfs.rw"); info!("Mounting tmpfs on /rootfs.rw");
fs::create_dir_all("/rootfs.rw")?; fs::create_dir_all("/rootfs.rw")?;
util::exec_cmdline("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?; cmd!("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?;
info!("Creating /rootfs.rw/work /rootfs.rw/upperdir"); info!("Creating /rootfs.rw/work /rootfs.rw/upperdir");
fs::create_dir_all("/rootfs.rw/upperdir")?; fs::create_dir_all("/rootfs.rw/upperdir")?;
fs::create_dir_all("/rootfs.rw/work")?; fs::create_dir_all("/rootfs.rw/work")?;
info!("Mounting overlay on /sysroot"); info!("Mounting overlay on /sysroot");
util::exec_cmdline("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?; cmd!("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?;
info!("Moving /rootfs.ro and /rootfs.rw to new root"); info!("Moving /rootfs.ro and /rootfs.rw to new root");
fs::create_dir_all("/sysroot/rootfs.ro")?; fs::create_dir_all("/sysroot/rootfs.ro")?;
fs::create_dir_all("/sysroot/rootfs.rw")?; fs::create_dir_all("/sysroot/rootfs.rw")?;
util::exec_cmdline("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?; cmd!("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?;
util::exec_cmdline("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?; cmd!("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?;
Ok(()) Ok(())
} }
fn do_start_realms() -> Result<()> {
let manager = RealmManager::load()?;
manager.start_boot_realms()
}
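Review bot: In `do_setup` the relocated keyring setup still downgrades any failure to a `warn!` and falls through to `ResourceImage::mount_image_type("kernel")`. Nothing in the code records why continuing without a keyring is acceptable, or why it now runs in the setup stage instead of right after `rootfs::setup_rootfs()`. A short comment on the `else` branch would capture the decision, for example `// keyring is best-effort: boot continues without it (confirm nothing below needs keyring keys)`. The new `do_start_realms` and the `"start-realms"` arm in `main` also have no doc comment saying at which boot stage the subcommand is meant to be invoked. The body of `setup_keyring` is outside the visible hunks, so what it loads cannot be checked from here.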


@ -1,8 +1,9 @@
use std::process::Command; use std::process::Command;
use libcitadel::{BlockDev,ResourceImage,CommandLine,ImageHeader,Partition,Result,verity}; use libcitadel::{BlockDev, ResourceImage, CommandLine, ImageHeader, Partition, Result, LoopDevice};
use std::path::Path; use std::path::Path;
use std::process::Stdio; use std::process::Stdio;
use libcitadel::verity::Verity;
pub fn setup_rootfs() -> Result<()> { pub fn setup_rootfs() -> Result<()> {
let mut p = choose_boot_partiton(true)?; let mut p = choose_boot_partiton(true)?;
@ -25,9 +26,9 @@ fn setup_resource_unverified(img: &ResourceImage) -> Result<()> {
if img.is_compressed() { if img.is_compressed() {
img.decompress()?; img.decompress()?;
} }
let loopdev = img.create_loopdev()?; let loopdev = LoopDevice::create(img.path(), Some(4096), true)?;
info!("Loop device created: {}", loopdev.display()); info!("Loop device created: {}", loopdev);
setup_linear_mapping(&loopdev) setup_linear_mapping(loopdev.device())
} }
fn setup_resource_verified(img: &ResourceImage) -> Result<()> { fn setup_resource_verified(img: &ResourceImage) -> Result<()> {
@ -52,7 +53,7 @@ fn setup_partition_verified(p: &mut Partition) -> Result<()> {
} }
info!("Image signature is valid for channel {}", p.metainfo().channel()); info!("Image signature is valid for channel {}", p.metainfo().channel());
} }
verity::setup_partition_device(p)?; Verity::setup_partition(p)?;
Ok(()) Ok(())
} }
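Review bot: In `setup_resource_unverified` the call `LoopDevice::create(img.path(), Some(4096), true)?` passes two bare positional values whose meaning cannot be read at the call site. `4096` is presumably an offset that skips the image header and `true` presumably requests a read-only device, but neither is established by the lines shown. Because this path maps the image with `setup_linear_mapping` rather than through verity, a reader needs to be able to confirm that the loop device is read-only. Give `4096` a named constant and add a comment such as `// Some(offset) skips the image header; true = read-only (confirm against LoopDevice::create)`. The function starts outside the hunk.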