summaryrefslogtreecommitdiff
path: root/src/dissect
Commit message (Collapse)AuthorAgeFilesLines
* strv: make iterator in STRV_FOREACH() declaread in the loopYu Watanabe2022-03-191-3/+0
| | | | This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
* dissect-image: do not enable "verification" when trying to acquire metadataZbigniew Jędrzejewski-Szmek2021-11-241-1/+1
| | | | | | | | | The whole point of acquiring metadata is quite often to figure out why the image does not pass verification. Refusing to provide metadata is just being hostile to the user. When called from other places (e.g. image_read_metadata()), verification is still performed.
* dissect: show intended purpose of images in dissection outputLennart Poettering2021-11-231-1/+63
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With this the tool will show whether an image is intended to be a bootable OS image, a system extension, or a portable service image. Example output with this patch: <snip> Name: image_53.raw Size: 3.2G Machine ID: bb9f2921198040feb7c82270bf66e4b8 OS Release: NAME=Fedora VERSION=34 (Thirty Four) … PRIVACY_POLICY_URL=https://fedoraproject.org/wiki/Legal:PrivacyPolicy IMAGE_VERSION=53 Use As: ✓ bootable system for UEFI ✓ bootable system for container ✗ portable service ✗ extension for system ✗ extension for initrd ✗ extension for portable service RW DESIGNATOR PARTITION UUID PARTITION LABEL FSTYPE ARCHITECTURE VERITY GROWFS NODE PARTNO rw root d56af2b4-35eb-2e40-8f08-2d3b7012b0fc Root Partition btrfs x86-64 no no /dev/loop1p2 2 rw esp e3d11339-05c1-a74a-ae77-aae76812c134 ESP System Partition vfat - - no /dev/loop1p1 1 … </snip>
* dissect: add helper call for unifying three loopsLennart Poettering2021-11-231-28/+21
|
* Make pager_open() return voidZbigniew Jędrzejewski-Szmek2021-11-031-1/+1
|
* basic: spit out chase_symlinks() from fs-util.[ch] → chase-symlinks.[ch]Lennart Poettering2021-10-051-0/+1
|
* dissect-image: load embedded verity signature info from imageLennart Poettering2021-09-281-0/+7
| | | | | This adds support for actually using embedded signature data from partitions.
* dissect-image: discover verity signature partitionsLennart Poettering2021-09-281-1/+3
| | | | | This doesn't make use of the discovered partitions yet, but it finds them at least.
* dissect-image: rename dissected_image_has_verity()/_can_do_verity()Lennart Poettering2021-09-101-2/+2
| | | | | | | Let's also pick more precise names for these helpers that are used for the tabular output: one checks whether a partition is candidate for verity at all, and the other checks if it is ready to be used for it. Let's make this clearer in the name.
* Merge pull request #20257 from bluca/seqnoLuca Boccassi2021-08-311-0/+1
|\ | | | | Use new diskseq block device property
| * dissect: use DISKSEQ when waiting for block devicesLuca Boccassi2021-07-281-0/+1
| | | | | | | | | | | | | | | | DISKSEQ is a reliable way to find out if we missed a uevent or not, as it's monotonically increasing. If we parse an event with a smaller or no sequence number, we know we need to wait longer. If we parse an event with a greater sequence number, we know we missed it and the device was reused.
* | shared/copy: add a new flag COPY_ALL_XATTRSAndrej Lajovic2021-08-111-2/+2
| | | | | | | | | | | | | | | | When the flag COPY_ALL_XATTRS is set, it causes the complete set of xattrs to be copied. If the flag is unset, only xattrs from the "user" namespace are copied. Fixes #17178.
* | Drop the text argument from assert_not_reached()Zbigniew Jędrzejewski-Szmek2021-08-031-3/+3
|/ | | | | | | | | | | | | | | | | In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
* tree-wide: add FORMAT_BYTES()Zbigniew Jędrzejewski-Szmek2021-07-091-4/+2
|
* dissect-image: add support for optionally mounting images with idmapping onLennart Poettering2021-05-071-2/+2
|
* Merge pull request #19391 from poettering/dissect-growZbigniew Jędrzejewski-Szmek2021-05-071-2/+18
|\ | | | | optionally, grow file systems to partition size when mounting them via GPT auto-discovery
| * dissect: enable growfs by default, but make it configurableLennart Poettering2021-04-231-1/+13
| | | | | | | | | | This adds a new --growfs=yes|no switch to systemd-dissect, defaulting to on.
| * dissect: show growfs flag in systemd-dissect table outputLennart Poettering2021-04-231-1/+5
| |
* | various: print the image path when setting up of the loopback device failsZbigniew Jędrzejewski-Szmek2021-04-231-1/+1
|/
* dissect: ignore udev database entries from before the loopback attachmentLennart Poettering2021-04-201-0/+1
| | | | | | | | | This tries to shorten the race of device reuse a bit more: let's ignore udev database entries that are older than the time where we started to use a loopback device. This doesn't fix the whole loopback device raciness mess, but it makes the race window a bit shorter.
* dissect: ignore old uevents when waiting for loopback partition scanLennart Poettering2021-04-201-0/+1
| | | | | | | | | | | Let's drop all monitor uevent that were enqueued before we actually started setting up the device. This doesn't fix the race, but it makes the race window smaller: since we cannot determine the uevent seqnum and the loopback attachment atomically, there's a tiny window where uevents might be generated by the device which we mistake for being associated with out use of the loopback device.
* dissect: split read-only flag into twoLennart Poettering2021-04-191-1/+1
| | | | | | | | | | | | | | | Let's have one flag to request that when dissecting an image the loopback device is made read-only, and another one to request that when it is mounted to make it read-only. Previously both concepts were always done read-only together. (Of course, making the loopback device read-only but mounting it read-write doesn't make too much sense, but the kernel should catch that for us, no need to make restrictions from our side there) Use-case for this: in systemd-repart we'd like to operate on images for adding partitions. Thus we'd like to have the loopback device writable, but if we read repart.d/ snippets from it, we want to do that read-only.
* dissect: show partition label in tableLennart Poettering2021-03-161-1/+2
| | | | | We nowadays pick up the partition label while dissecting, let's show it if we have it.
* dissect: don't insist on a root/usr partition when just inspectingLennart Poettering2021-03-161-2/+3
| | | | | | Let's relax rules here a bit, taking benefit of the fact that DISSECT_IMAGE_REQUIRE_ROOT + DISSECT_IMAGE_GENERIC_ROOT are now separate flags.
* dissect-image: split DISSECT_IMAGE_REQUIRE_ROOT in twoLennart Poettering2021-03-161-1/+7
| | | | | | | | | | | | Previously, the flag did two things at once: enable support for using generic partitions as root fs if there were only one/allow use of partition-table-less images as root fs. And secondly, insist that there was a rootfs, and fail if not. Let's split these two in two separate options so that they can be used independently of each other. There are cases where one wants to use one without the other (i.e. when inspecting things with systemd-dissect tool it should be OK to do so even if image has no root fs), and it's cleaner anyway.
* tree-wide: make use of DISSECT_IMAGE_USR_NO_ROOT in various toolsLennart Poettering2021-03-161-1/+1
| | | | | | | | Let's make use of the new dissection in all tools where this makes sense, which are all tools that dissect images, except for those which inherently operate on state/configuraiton and thus where an image without state nor configuration is useless (e.g. systemd-tmpfiles/systemd-firstboot/… --image= switch).
* dissect: fix trivial typoLennart Poettering2021-03-111-1/+1
|
* tree-wide: use UINT64_MAX or friendsYu Watanabe2021-03-051-4/+4
|
* dissect: parse, store and show extension-release infoLuca Boccassi2021-02-171-2/+19
|
* Move and rename parse_json_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-1/+1
| | | | | json.[ch] is a very generic implementation, and cmdline argument parsing doesn't fit there.
* Move and rename parse_path_argument() functionZbigniew Jędrzejewski-Szmek2021-02-151-1/+2
| | | | | This fits better in shared/, and the new parse-argument.c file is a good home for it.
* tree-wide: Drop custom formatting for print() help messagesDaan De Meyer2021-01-311-5/+7
| | | | | | | | | | | | I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
* dissect: almost port systemd-dissect to table_print_with_pager()Lennart Poettering2021-01-211-1/+22
| | | | | | | | This doesn't actually port systemd-dissect to table_print_with_pager() but at least rearranges things so that similar behaviour is exposed. The reason it's not ported over 1:1 is that systemd-dissect actually adjusts the JSON output of the table with additional info, and doesn't print the table 1:1 as JSON.
* json: port various tools to the new JSON_FORMAT_OFF flagLennart Poettering2021-01-091-27/+13
| | | | These are the obvious cases.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* dissect-image: process /usr/ GPT partition typeLennart Poettering2020-09-191-1/+1
|
* dissect: show partition output even if os-release is missingLennart Poettering2020-09-171-8/+9
| | | | | | | It's just too useful to immediately see with "systemd-dissect" what "systemd-repart" generated for us without having to populate it with /etc/os-release. Hence let's log a message if /etc/os-release is missing, but proceed otherwise and show the partition table.
* dissect: wrap verity settings in new VeritySettings structureLennart Poettering2020-09-171-63/+40
| | | | | | | | | | | | Just some refactoring: let's place the various verity related parameters in a common structure, and pass that around instead of the individual parameters. Also, let's load the PKCS#7 signature data when finding metadata right-away, instead of delaying this until we need it. In all cases we call this there's not much time difference between the metdata finding and the loading, hence this simplifies things and makes sure root hash data and its signature is now always acquired together.
* dissect: introduce PartitionDesignator as real typeLennart Poettering2020-09-161-1/+1
|
* copy: optionally, reproduce hardlinks from source in destinationLennart Poettering2020-09-091-3/+3
| | | | | | | | | | This is useful for duplicating trees that contain hardlinks: we keep track of potential hardlinks and try to reproduce them within the destination tree. (We do not hardlink between source and destination!). This is useful for trees like ostree images which heavily use hardlinks and which are otherwise exploded into separate copies of all files when we duplicate the trees.
* dissect: add support for outputting JSONLennart Poettering2020-08-121-9/+97
|
* dissect: show proper error strings for more errorsLennart Poettering2020-08-111-25/+34
| | | | | Also, make inability to decrypt and EBUSY a non-fatal issue, since we still are able to display the mount table then.
* dissect: introduce new helper dissected_image_mount_and_warn() and use it ↵Lennart Poettering2020-08-111-8/+4
| | | | everywhere
* dissect: immediately close pipes when we determined we have no data for themLennart Poettering2020-08-111-271/+297
| | | | | | | | This effectively makes little difference because we exit soon later anyway, which will close the fds, too. However, it's still useful since it means the parent will get EOF events on them in the order we process things and isn't delayed to process the data from the pipes until the child dies.
* dissect: beef up dissection outputLennart Poettering2020-08-111-37/+78
| | | | | | | | | Let's use a proper table for outputting partition information. Let's also put the general information about the image first, and the table after that. Moreover, dissect the image before showing any output, so that we can early on return an error if the image is not valid.
* dissect: load verity metadata earlierLennart Poettering2020-08-111-8/+27
| | | | | | That way we can turn off kernel partition scanning if verity data is available (as we don't support verity for full GPT images, only for simple file system images).
* dissect: show more information in outputLennart Poettering2020-08-111-0/+13
| | | | Let's show size and image filename.
* dissect: add support for copying files in/out of imageLennart Poettering2020-08-111-5/+231
|
* dissect: optionally mkdir directory to overmountLennart Poettering2020-08-111-13/+42
|
* dissect: support --discard=listLennart Poettering2020-08-111-1/+7
|
View Lorry Controller Status