updated to new libcitadel api

citadel-tool/src/boot/disks.rs

@@ -2,7 +2,6 @@ use std::path::{Path, PathBuf};
 use std::fs;
 
 use libcitadel::Result;
-use libcitadel::util;
 
 ///
 /// Represents a disk partition device on the system
@@ -73,14 +72,14 @@ impl DiskPartition {
     }
 
     pub fn mount<P: AsRef<Path>>(&self, target: P) -> Result<()> {
-        util::exec_cmdline("/usr/bin/mount", format!("{} {}", self.path.display(), target.as_ref().display()))
+        cmd!("/usr/bin/mount", "{} {}", self.path.display(), target.as_ref().display())
     }
 
     pub fn umount(&self) -> Result<()> {
-        util::exec_cmdline("/usr/bin/umount", self.path().to_str().unwrap())
+        cmd!("/usr/bin/umount", "{}", self.path().display())
     }
 
     fn partition_fstype(&self) -> Result<String> {
-        util::exec_cmdline_with_output("/usr/bin/lsblk", format!("-dno FSTYPE {}", self.path().display()))
+        cmd_with_output!("/usr/bin/lsblk", "-dno FSTYPE {}", self.path().display())
     }
 }

citadel-tool/src/boot/live.rs

@@ -1,12 +1,11 @@
 
-use std::thread::{self,JoinHandle};
-use std::time;
 use std::path::Path;
 use std::ffi::OsStr;
 use std::fs;
+use std::thread::{self,JoinHandle};
+use std::time::{self,Instant};
 
 use libcitadel::Result;
-use libcitadel::util;
 use libcitadel::ResourceImage;
 use crate::boot::disks;
 use crate::boot::rootfs::setup_rootfs_resource;
@@ -22,6 +21,7 @@ pub fn live_rootfs() -> Result<()> {
 
 pub fn live_setup() -> Result<()> {
     decompress_images()?;
+    info!("Starting live setup");
     let live = Installer::new_livesetup();
     live.run()
 }
@@ -64,7 +64,7 @@ fn deploy_artifacts() -> Result<()> {
     let run_images = Path::new(IMAGE_DIRECTORY);
     if !run_images.exists() {
         fs::create_dir_all(run_images)?;
-        util::exec_cmdline("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?;
+        cmd!("/bin/mount", "-t tmpfs -o size=4g images /run/citadel/images")?;
     }
 
     for entry in fs::read_dir("/boot/images")? {
@@ -122,7 +122,7 @@ fn find_rootfs_image() -> Result<ResourceImage> {
 }
 
 fn decompress_images() -> Result<()> {
-    println!("decompressing images");
+    info!("Decompressing images");
     let mut threads = Vec::new();
     for entry in fs::read_dir("/run/citadel/images")? {
         let entry = entry?;
@@ -137,12 +137,20 @@ fn decompress_images() -> Result<()> {
     for t in threads {
         t.join().unwrap()?;
     }
+    info!("Finished decompressing images");
     Ok(())
 
 }
 
 fn decompress_one_image(image: ResourceImage) -> JoinHandle<Result<()>> {
-    thread::spawn(move ||{
-        image.decompress()
+    thread::spawn(move || {
+        let start = Instant::now();
+        info!("Decompressing {}", image.path().display());
+        image.decompress()?;
+        cmd!("/usr/bin/du", "-h {}", image.path().display())?;
+        info!("Decompress {:?} finished in {} seconds",
+              image.path().file_name().unwrap(),
+              start.elapsed().as_secs());
+        Ok(())
     })
 }

citadel-tool/src/boot/mod.rs

@@ -1,15 +1,18 @@
 use std::fs;
 use std::process::exit;
 
-use libcitadel::{util,Result,ResourceImage,CommandLine,set_verbose,format_error,KeyRing};
+use libcitadel::{Result,ResourceImage,CommandLine,format_error,KeyRing,LogLevel,Logger};
+use libcitadel::RealmManager;
 
 mod live;
 mod disks;
 mod rootfs;
 
 pub fn main(args: Vec<String>) {
-    if CommandLine::verbose() {
-        set_verbose(true);
+    if CommandLine::debug() {
+        Logger::set_log_level(LogLevel::Debug);
+    } else if CommandLine::verbose() {
+        Logger::set_log_level(LogLevel::Info);
     }
 
     let command = args.iter().skip(1).next();
@@ -17,6 +20,7 @@ pub fn main(args: Vec<String>) {
     let result = match command {
         Some(s) if s == "rootfs" => do_rootfs(),
         Some(s) if s == "setup" => do_setup(),
+        Some(s) if s == "start-realms" => do_start_realms(),
         _ => Err(format_err!("Bad or missing argument")),
     };
 
@@ -30,11 +34,7 @@ fn do_rootfs() -> Result<()> {
     if CommandLine::live_mode() || CommandLine::install_mode() {
         live::live_rootfs()
     } else {
-        rootfs::setup_rootfs()?;
-        if let Err(err) = setup_keyring() {
-            warn!("Failed to setup keyring: {}", err);
-        }
-        Ok(())
+        rootfs::setup_rootfs()
     }
 }
 
@@ -45,10 +45,13 @@ fn setup_keyring() -> Result<()> {
     Ok(())
 }
 
-
 fn do_setup() -> Result<()> {
     if CommandLine::live_mode() || CommandLine::install_mode() {
         live::live_setup()?;
+    } else {
+        if let Err(err) = setup_keyring() {
+            warn!("Failed to setup keyring: {}", err);
+        }
     }
 
     ResourceImage::mount_image_type("kernel")?;
@@ -65,21 +68,26 @@ fn mount_overlay() -> Result<()> {
 
     info!("Moving /sysroot mount to /rootfs.ro");
     fs::create_dir_all("/rootfs.ro")?;
-    util::exec_cmdline("/usr/bin/mount", "--make-private /")?;
-    util::exec_cmdline("/usr/bin/mount", "--move /sysroot /rootfs.ro")?;
+    cmd!("/usr/bin/mount", "--make-private /")?;
+    cmd!("/usr/bin/mount", "--move /sysroot /rootfs.ro")?;
     info!("Mounting tmpfs on /rootfs.rw");
     fs::create_dir_all("/rootfs.rw")?;
-    util::exec_cmdline("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?;
+    cmd!("/usr/bin/mount", "-t tmpfs -orw,noatime,mode=755 rootfs.rw /rootfs.rw")?;
     info!("Creating /rootfs.rw/work /rootfs.rw/upperdir");
     fs::create_dir_all("/rootfs.rw/upperdir")?;
     fs::create_dir_all("/rootfs.rw/work")?;
     info!("Mounting overlay on /sysroot");
-    util::exec_cmdline("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?;
+    cmd!("/usr/bin/mount", "-t overlay overlay -olowerdir=/rootfs.ro,upperdir=/rootfs.rw/upperdir,workdir=/rootfs.rw/work /sysroot")?;
 
     info!("Moving /rootfs.ro and /rootfs.rw to new root");
     fs::create_dir_all("/sysroot/rootfs.ro")?;
     fs::create_dir_all("/sysroot/rootfs.rw")?;
-    util::exec_cmdline("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?;
-    util::exec_cmdline("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?;
+    cmd!("/usr/bin/mount", "--move /rootfs.ro /sysroot/rootfs.ro")?;
+    cmd!("/usr/bin/mount", "--move /rootfs.rw /sysroot/rootfs.rw")?;
     Ok(())
 }
+
+fn do_start_realms() -> Result<()> {
+    let manager = RealmManager::load()?;
+    manager.start_boot_realms()
+}

citadel-tool/src/boot/rootfs.rs

@@ -1,8 +1,9 @@
 use std::process::Command;
 
-use libcitadel::{BlockDev,ResourceImage,CommandLine,ImageHeader,Partition,Result,verity};
+use libcitadel::{BlockDev, ResourceImage, CommandLine, ImageHeader, Partition, Result, LoopDevice};
 use std::path::Path;
 use std::process::Stdio;
+use libcitadel::verity::Verity;
 
 pub fn setup_rootfs() -> Result<()> {
     let mut p = choose_boot_partiton(true)?;
@@ -25,9 +26,9 @@ fn setup_resource_unverified(img: &ResourceImage) -> Result<()> {
     if img.is_compressed() {
         img.decompress()?;
     }
-    let loopdev = img.create_loopdev()?;
-    info!("Loop device created: {}", loopdev.display());
-    setup_linear_mapping(&loopdev)
+    let loopdev = LoopDevice::create(img.path(), Some(4096), true)?;
+    info!("Loop device created: {}", loopdev);
+    setup_linear_mapping(loopdev.device())
 }
 
 fn setup_resource_verified(img: &ResourceImage) -> Result<()> {
@@ -52,7 +53,7 @@ fn setup_partition_verified(p: &mut Partition) -> Result<()> {
         }
         info!("Image signature is valid for channel {}", p.metainfo().channel());
     }
-    verity::setup_partition_device(p)?;
+    Verity::setup_partition(p)?;
     Ok(())
 }