| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/
|
|
|
|
|
|
|
|
| |
The old name originates when this was used to discover "machine" images,
as managed by machined/machinectl. But nowadays this is also used by
portable services and system extensions, hence let's use a more generic
name for this API. Taking inspiration from "dissect-image.[ch]", let's call
this "discover-image.[ch]".
This is pure renaming, no other changes.
|
| |
|
|
|
|
|
|
|
| |
Follow-up for 133b34f69a72dc90d4e336837d699245390c9f50 where this was
forgotten.
While we are at it, bring the parameters into the same order as we
declare them in the PullRaw/PullTar objects, i.e. match them to the
canonical order.
|
| | |
|
| |
|
|
|
| |
It's pointless if no data was generated. (This happens if an empty file
is compressed)
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
to parent
After all we want to remove the top-level dir, and make it look like the
only subdir, hence propagate the attributes from the subdir to the
top-level dir.
|
| |
|
|
|
| |
The trees do look like directory trees, obviously. But they don't like
OS trees.
|
| | |
|
| |
|
|
|
| |
Also, simplify import_assign_pool_quota_and_warn(), don't do the same
thing twice. Let's just allow the caller call this twice.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
This merges the two flags that are passed to the ImportTar/ImportRaw
objects into a single flags parameter, which we then can extend more
easily later on.
No change in behaviour.
This is inspired by 133b34f69a72dc90d4e336837d699245390c9f50 which does
the same for PullTar/PullRaw.
|
| | |
|
| |
|
|
|
| |
Let's split out the actual gpg logic into a helper function, so that we
can add alternative validations later on.
|
| |
|
|
|
|
|
|
|
|
|
| |
We already had support for downlading a .nspawn and a .roothash file,
let's make the set complete, and also download .verity + roothash.p7s if
it exists, as nspawn consumes that.
Since there are now four kinds of additional resources to acquire, let's
introduce a PullFlags flags value for this instead of separate 'bool'
variables, it's just too many to always pass those around on the
function parameter list.
|
| |
|
|
|
|
| |
Previously we'd collect the data from redirects too, which wasn't
particularly terrible, since these typically don't carry the data we
were interested in, but it's still incorrect to do so.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Properly reset all fields that have to do with the current GET job when
we restart things. Previously we freed/reset only some stuff, leaking
some memory even.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the PullJob object took internal care of rerequested the
SHA256SUMS file, if requesting <image>.sha256 didn't work. This was a
weird a non-abstraction only used when actually getting the checksum
files.
Let's move this out of the PullJob, so that it is generic again, and
does roughly the same stuff for all resources it is used for: let's
define a generic .on_not_found() handler that can be set on a PullJob
object, and is called whenever with see HTTP 404, and may be used to
provide a new URL to try if the first didn't work.
This is also preparation for later work to support PKCS#7 signatures
instead of gpg signatures, where a similar logic is needed, and we thus
should have a generic infrastructure place.
This gets rid of the VerificationStyle field in the PullJob object:
instead of storing this non-generic field we just derive the same
information from the URL itself, which is safe, since we generated it
ourselves earlier.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
systemd-sysext supports --root= for everything but the image discovery.
Fix that.
|
| |\
| |
| | |
meson: various cleanups
|
| | |
| |
| |
| | |
Then, we can shorten many test definitions.
|
| |/ |
|
| |
|
|
|
|
|
| |
We do this for import-tar and import-fs, we should do it for pull-tar,
too.
Fixes: #17563
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Let's clean up hostname_is_valid() a bit: let's turn the second boolean
argument into a more explanatory flags field, and add a flag that
accepts the special name ".host" as valid. This is useful for the
container logic, where the special hostname ".host" refers to the "root
container", i.e. the host system itself, and can be specified at various
places.
let's also get rid of machine_name_is_valid(). It was just an alias,
which is confusing and even more so now that we have the flags param.
|
| |
|
| |
CURLMOPT_SOCKETFUNCTION callback is an easy handle, not a multi.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Similar to free_and_replace. I think this should be uppercase to make it
clear that this is a macro. free_and_replace should probably be uppercased
too.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default GNU tar will only read the first archive if multiple archives
are concatenated and ignore the rest. If an archive contains trailing
garbage this will hence not be recognized by tar as error, it simply
stops reading when the first archive is done (which might escalate to
SIGPIPE when invoked via a pipe).
Let's add --ignore-zeros to the tar command line when extracting. This
means:
1) if a tar archive was concatenated (i.e. generated with tar -A) we'll
process it correctly.
2) if a tar archive contains trailing garbage tar will now generate an
error message about it, instead of just throwing EPIPE, which makes
things easier to debug as broken files are not silently processed.
I think it's OK for gnu tar to ignore trailing garbage when dealing with
classic tapes drives, i.e. mediums that do not have a size limit
built-in. However, this is not what we are dealing with: we are dealing
with OS images here, that hopefully someone generated with a clean build
system, that were signed and validated and hence should not contain
trailing garbage. Hence it's better to refuse and complain thant to
silently eat up like for classic tape drives.
Fixes: #16605
|
| | |
|
| |
|
|
| |
Fixes: #16506
|
| |
|
|
| |
No code changes, just some refactoring.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We always need to make them unions with a "struct cmsghdr" in them, so
that things properly aligned. Otherwise we might end up at an unaligned
address and the counting goes all wrong, possibly making the kernel
refuse our buffers.
Also, let's make sure we initialize the control buffers to zero when
sending, but leave them uninitialized when reading.
Both the alignment and the initialization thing is mentioned in the
cmsg(3) man page.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
parsing stubs
--help and --version are implemented in the usual style.
help() prints full path, since the program is not expected to
be in $PATH.
|
| | |
|
| |
|
|
|
|
|
| |
around cmsg_find()
let's take this once step further, and add type-safety to cmsg_find(),
and imply the CMSG_DATA() macro for finding the cmsg payload.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's be extra careful whenever we return from recvmsg() and see
MSG_CTRUNC set. This generally means we ran into a programming error, as
we didn't size the control buffer large enough. It's an error condition
we should at least log about, or propagate up. Hence do that.
This is particularly important when receiving fds, since for those the
control data can be of any size. In particular on stream sockets that's
nasty, because if we miss an fd because of control data truncation we
cannot recover, we might not even realize that we are one off.
(Also, when failing early, if there's any chance the socket might be
AF_UNIX let's close all received fds, all the time. We got this right
most of the time, but there were a few cases missing. God, UNIX is hard
to use)
|
| | |
|
| |\
| |
| | |
D-bus API docs
|
