[thirdparty/systemd.git] / src / import / pull-tar.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2015 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/prctl.h>
#include <curl/curl.h>

#include "sd-daemon.h"

#include "btrfs-util.h"
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "macro.h"
#include "mkdir.h"
#include "path-util.h"
#include "process-util.h"
#include "pull-common.h"
#include "pull-job.h"
#include "pull-tar.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "utf8.h"
#include "util.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarPull {
        sd_event *event;
        CurlGlue *glue;

        char *image_root;

        PullJob *tar_job;
        PullJob *settings_job;
        PullJob *checksum_job;
        PullJob *signature_job;

        TarPullFinished on_finished;
        void *userdata;

        char *local;
        bool force_local;
        bool grow_machine_directory;
        bool settings;

        pid_t tar_pid;

        char *final_path;
        char *temp_path;

        char *settings_path;
        char *settings_temp_path;

        ImportVerify verify;
};

TarPull* tar_pull_unref(TarPull *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1) {
                (void) kill_and_sigcont(i->tar_pid, SIGKILL);
                (void) wait_for_terminate(i->tar_pid, NULL);
        }

        pull_job_unref(i->tar_job);
        pull_job_unref(i->settings_job);
        pull_job_unref(i->checksum_job);
        pull_job_unref(i->signature_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        if (i->temp_path) {
                (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
                free(i->temp_path);
        }

        if (i->settings_temp_path) {
                (void) unlink(i->settings_temp_path);
                free(i->settings_temp_path);
        }

        free(i->final_path);
        free(i->settings_path);
        free(i->image_root);
        free(i->local);
        free(i);

        return NULL;
}

int tar_pull_new(
                TarPull **ret,
                sd_event *event,
                const char *image_root,
                TarPullFinished on_finished,
                void *userdata) {

        _cleanup_(tar_pull_unrefp) TarPull *i = NULL;
        int r;

        assert(ret);

        i = new0(TarPull, 1);
        if (!i)
                return -ENOMEM;

        i->on_finished = on_finished;
        i->userdata = userdata;

        i->image_root = strdup(image_root ?: "/var/lib/machines");
        if (!i->image_root)
                return -ENOMEM;

        i->grow_machine_directory = path_startswith(i->image_root, "/var/lib/machines");

        if (event)
                i->event = sd_event_ref(event);
        else {
                r = sd_event_default(&i->event);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&i->glue, i->event);
        if (r < 0)
                return r;

        i->glue->on_finished = pull_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = i;
        i = NULL;

        return 0;
}

static void tar_pull_report_progress(TarPull *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->settings_job) {
                        percent += i->settings_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached("Unknown progress state");
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_pull_make_local_copy(TarPull *i) {
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        if (!i->final_path) {
                r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
                if (r < 0)
                        return log_oom();
        }

        r = pull_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
        if (r < 0)
                return r;

        if (i->settings) {
                const char *local_settings;
                assert(i->settings_job);

                if (!i->settings_path) {
                        r = pull_make_path(i->settings_job->url, i->settings_job->etag, i->image_root, ".settings-", NULL, &i->settings_path);
                        if (r < 0)
                                return log_oom();
                }

                local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");

                r = copy_file_atomic(i->settings_path, local_settings, 0664, i->force_local, 0);
                if (r == -EEXIST)
                        log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
                else if (r < 0 && r != -ENOENT)
                        log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
                else
                        log_info("Created new settings file '%s.nspawn'", i->local);
        }

        return 0;
}

static bool tar_pull_is_done(TarPull *i) {
        assert(i);
        assert(i->tar_job);

        if (!PULL_JOB_IS_COMPLETE(i->tar_job))
                return false;
        if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
                return false;
        if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
                return false;
        if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
                return false;

        return true;
}

static void tar_pull_job_on_finished(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        if (j == i->settings_job) {
                if (j->error != 0)
                        log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
        } else if (j->error != 0) {
                if (j == i->checksum_job)
                        log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                else if (j == i->signature_job)
                        log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                else
                        log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");

                r = j->error;
                goto finish;
        }

        /* This is invoked if either the download completed
         * successfully, or the download was skipped because we
         * already have the etag. */

        if (!tar_pull_is_done(i))
                return;

        i->tar_job->disk_fd = safe_close(i->tar_job->disk_fd);
        if (i->settings_job)
                i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
                i->tar_pid = 0;
                if (r < 0)
                        goto finish;
                if (r > 0) {
                        r = -EIO;
                        goto finish;
                }
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_pull_report_progress(i, TAR_VERIFYING);

                r = pull_verify(i->tar_job, i->settings_job, i->checksum_job, i->signature_job);
                if (r < 0)
                        goto finish;

                tar_pull_report_progress(i, TAR_FINALIZING);

                r = import_make_read_only(i->temp_path);
                if (r < 0)
                        goto finish;

                r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
                if (r < 0) {
                        log_error_errno(r, "Failed to rename to final image name: %m");
                        goto finish;
                }

                i->temp_path = mfree(i->temp_path);

                if (i->settings_job &&
                    i->settings_job->error == 0 &&
                    !i->settings_job->etag_exists) {

                        assert(i->settings_temp_path);
                        assert(i->settings_path);

                        /* Also move the settings file into place, if
                         * it exist. Note that we do so only if we
                         * also moved the tar file in place, to keep
                         * things strictly in sync. */

                        r = import_make_read_only(i->settings_temp_path);
                        if (r < 0)
                                goto finish;

                        r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path);
                        if (r < 0) {
                                log_error_errno(r, "Failed to rename settings file: %m");
                                goto finish;
                        }

                        i->settings_temp_path = mfree(i->settings_temp_path);
                }
        }

        tar_pull_report_progress(i, TAR_COPYING);

        r = tar_pull_make_local_copy(i);
        if (r < 0)
                goto finish;

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_pull_job_on_open_disk_tar(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(!i->final_path);
        assert(!i->temp_path);
        assert(i->tar_pid <= 0);

        r = pull_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
        if (r < 0)
                return log_oom();

        r = tempfn_random(i->final_path, NULL, &i->temp_path);
        if (r < 0)
                return log_oom();

        mkdir_parents_label(i->temp_path, 0700);

        r = btrfs_subvol_make(i->temp_path);
        if (r == -ENOTTY) {
                if (mkdir(i->temp_path, 0755) < 0)
                        return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
        } else if (r < 0)
                return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);
        else
                (void) import_assign_pool_quota_and_warn(i->temp_path);

        j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static int tar_pull_job_on_open_disk_settings(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->settings_job == j);
        assert(!i->settings_path);
        assert(!i->settings_temp_path);

        r = pull_make_path(j->url, j->etag, i->image_root, ".settings-", NULL, &i->settings_path);
        if (r < 0)
                return log_oom();

        r = tempfn_random(i->settings_path, NULL, &i->settings_temp_path);
        if (r < 0)
                return log_oom();

        mkdir_parents_label(i->settings_temp_path, 0700);

        j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
        if (j->disk_fd < 0)
                return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);

        return 0;
}

static void tar_pull_job_on_progress(PullJob *j) {
        TarPull *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_pull_report_progress(i, TAR_DOWNLOADING);
}

int tar_pull_start(
                TarPull *i,
                const char *url,
                const char *local,
                bool force_local,
                ImportVerify verify,
                bool settings) {

        int r;

        assert(i);
        assert(verify < _IMPORT_VERIFY_MAX);
        assert(verify >= 0);

        if (!http_url_is_valid(url))
                return -EINVAL;

        if (local && !machine_name_is_valid(local))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;

        i->force_local = force_local;
        i->verify = verify;
        i->settings = settings;

        /* Set up download job for TAR file */
        r = pull_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_pull_job_on_finished;
        i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
        i->tar_job->on_progress = tar_pull_job_on_progress;
        i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;
        i->tar_job->grow_machine_directory = i->grow_machine_directory;

        r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
        if (r < 0)
                return r;

        /* Set up download job for the settings file (.nspawn) */
        if (settings) {
                r = pull_make_settings_job(&i->settings_job, url, i->glue, tar_pull_job_on_finished, i);
                if (r < 0)
                        return r;

                i->settings_job->on_open_disk = tar_pull_job_on_open_disk_settings;
                i->settings_job->on_progress = tar_pull_job_on_progress;
                i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO;

                r = pull_find_old_etags(i->settings_job->url, i->image_root, DT_REG, ".settings-", NULL, &i->settings_job->old_etags);
                if (r < 0)
                        return r;
        }

        /* Set up download of checksum/signature files */
        r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_pull_job_on_finished, i);
        if (r < 0)
                return r;

        r = pull_job_begin(i->tar_job);
        if (r < 0)
                return r;

        if (i->settings_job) {
                r = pull_job_begin(i->settings_job);
                if (r < 0)
                        return r;
        }

        if (i->checksum_job) {
                i->checksum_job->on_progress = tar_pull_job_on_progress;

                r = pull_job_begin(i->checksum_job);
                if (r < 0)
                        return r;
        }

        if (i->signature_job) {
                i->signature_job->on_progress = tar_pull_job_on_progress;

                r = pull_job_begin(i->signature_job);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
56ebfaf1 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2015 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <sys/prctl.h>
	23	#include <curl/curl.h>
	24
7079cfef	25	#include "sd-daemon.h"
07630cea	26
56ebfaf1	27	#include "btrfs-util.h"
07630cea LP	28	#include "copy.h"
07630cea LP	29	#include "curl-util.h"
3ffd4af2	30	#include "fd-util.h"
0d39fa9c	31	#include "fileio.h"
07630cea LP	32	#include "hostname-util.h"
	33	#include "import-common.h"
	34	#include "import-util.h"
56ebfaf1 LP	35	#include "macro.h"
56ebfaf1 LP	36	#include "mkdir.h"
26166c88	37	#include "path-util.h"
25300b5a	38	#include "process-util.h"
dc2c282b	39	#include "pull-common.h"
07630cea	40	#include "pull-job.h"
3ffd4af2	41	#include "pull-tar.h"
07630cea LP	42	#include "rm-rf.h"
	43	#include "string-util.h"
	44	#include "strv.h"
	45	#include "utf8.h"
	46	#include "util.h"
56ebfaf1	47
7079cfef LP	48	typedef enum TarProgress {
	49	TAR_DOWNLOADING,
	50	TAR_VERIFYING,
	51	TAR_FINALIZING,
	52	TAR_COPYING,
	53	} TarProgress;
	54
dc2c282b	55	struct TarPull {
56ebfaf1 LP	56	sd_event *event;
	57	CurlGlue *glue;
	58
	59	char *image_root;
	60
dc2c282b	61	PullJob *tar_job;
9854730b	62	PullJob *settings_job;
dc2c282b LP	63	PullJob *checksum_job;
dc2c282b LP	64	PullJob *signature_job;
56ebfaf1	65
dc2c282b	66	TarPullFinished on_finished;
56ebfaf1 LP	67	void *userdata;
56ebfaf1 LP	68
56ebfaf1 LP	69	char *local;
56ebfaf1 LP	70	bool force_local;
26166c88	71	bool grow_machine_directory;
9854730b	72	bool settings;
56ebfaf1 LP	73
	74	pid_t tar_pid;
	75
56ebfaf1	76	char *final_path;
9854730b LP	77	char *temp_path;
	78
	79	char *settings_path;
	80	char *settings_temp_path;
0100b6e1 LP	81
0100b6e1 LP	82	ImportVerify verify;
56ebfaf1 LP	83	};
56ebfaf1 LP	84
dc2c282b	85	TarPull* tar_pull_unref(TarPull *i) {
56ebfaf1 LP	86	if (!i)
	87	return NULL;
	88
0100b6e1	89	if (i->tar_pid > 1) {
8b71fce8	90	(void) kill_and_sigcont(i->tar_pid, SIGKILL);
0100b6e1	91	(void) wait_for_terminate(i->tar_pid, NULL);
56ebfaf1 LP	92	}
56ebfaf1 LP	93
dc2c282b	94	pull_job_unref(i->tar_job);
9854730b	95	pull_job_unref(i->settings_job);
dc2c282b LP	96	pull_job_unref(i->checksum_job);
dc2c282b LP	97	pull_job_unref(i->signature_job);
56ebfaf1 LP	98
	99	curl_glue_unref(i->glue);
	100	sd_event_unref(i->event);
	101
	102	if (i->temp_path) {
d9e2daaf	103	(void) rm_rf(i->temp_path, REMOVE_ROOT\|REMOVE_PHYSICAL\|REMOVE_SUBVOLUME);
0d6e763b	104	free(i->temp_path);
56ebfaf1 LP	105	}
56ebfaf1 LP	106
9854730b LP	107	if (i->settings_temp_path) {
	108	(void) unlink(i->settings_temp_path);
	109	free(i->settings_temp_path);
	110	}
	111
56ebfaf1	112	free(i->final_path);
9854730b	113	free(i->settings_path);
56ebfaf1 LP	114	free(i->image_root);
56ebfaf1 LP	115	free(i->local);
56ebfaf1 LP	116	free(i);
	117
	118	return NULL;
	119	}
	120
dc2c282b LP	121	int tar_pull_new(
dc2c282b LP	122	TarPull **ret,
8b71fce8 LP	123	sd_event *event,
8b71fce8 LP	124	const char *image_root,
dc2c282b	125	TarPullFinished on_finished,
8b71fce8 LP	126	void *userdata) {
8b71fce8 LP	127
dc2c282b	128	_cleanup_(tar_pull_unrefp) TarPull *i = NULL;
56ebfaf1 LP	129	int r;
	130
	131	assert(ret);
56ebfaf1	132
dc2c282b	133	i = new0(TarPull, 1);
56ebfaf1 LP	134	if (!i)
	135	return -ENOMEM;
	136
	137	i->on_finished = on_finished;
	138	i->userdata = userdata;
	139
	140	i->image_root = strdup(image_root ?: "/var/lib/machines");
	141	if (!i->image_root)
	142	return -ENOMEM;
	143
26166c88 LP	144	i->grow_machine_directory = path_startswith(i->image_root, "/var/lib/machines");
26166c88 LP	145
9854730b LP	146	if (event)
	147	i->event = sd_event_ref(event);
	148	else {
	149	r = sd_event_default(&i->event);
	150	if (r < 0)
	151	return r;
	152	}
56ebfaf1 LP	153
	154	r = curl_glue_new(&i->glue, i->event);
	155	if (r < 0)
	156	return r;
	157
dc2c282b	158	i->glue->on_finished = pull_job_curl_on_finished;
56ebfaf1 LP	159	i->glue->userdata = i;
	160
	161	*ret = i;
	162	i = NULL;
	163
	164	return 0;
	165	}
	166
dc2c282b	167	static void tar_pull_report_progress(TarPull *i, TarProgress p) {
7079cfef LP	168	unsigned percent;
	169
	170	assert(i);
	171
	172	switch (p) {
	173
	174	case TAR_DOWNLOADING: {
	175	unsigned remain = 85;
	176
	177	percent = 0;
	178
9854730b LP	179	if (i->settings_job) {
	180	percent += i->settings_job->progress_percent * 5 / 100;
	181	remain -= 5;
	182	}
	183
7079cfef LP	184	if (i->checksum_job) {
	185	percent += i->checksum_job->progress_percent * 5 / 100;
	186	remain -= 5;
	187	}
	188
	189	if (i->signature_job) {
	190	percent += i->signature_job->progress_percent * 5 / 100;
	191	remain -= 5;
	192	}
	193
	194	if (i->tar_job)
	195	percent += i->tar_job->progress_percent * remain / 100;
	196	break;
	197	}
	198
	199	case TAR_VERIFYING:
	200	percent = 85;
	201	break;
	202
	203	case TAR_FINALIZING:
	204	percent = 90;
	205	break;
	206
	207	case TAR_COPYING:
	208	percent = 95;
	209	break;
	210
	211	default:
	212	assert_not_reached("Unknown progress state");
	213	}
	214
	215	sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
	216	log_debug("Combined progress %u%%", percent);
	217	}
	218
dc2c282b	219	static int tar_pull_make_local_copy(TarPull *i) {
0d6e763b LP	220	int r;
	221
	222	assert(i);
	223	assert(i->tar_job);
	224
	225	if (!i->local)
	226	return 0;
	227
	228	if (!i->final_path) {
dc2c282b	229	r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
0d6e763b LP	230	if (r < 0)
0d6e763b LP	231	return log_oom();
0d6e763b LP	232	}
0d6e763b LP	233
dc2c282b	234	r = pull_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
0100b6e1 LP	235	if (r < 0)
	236	return r;
	237
9854730b LP	238	if (i->settings) {
	239	const char *local_settings;
	240	assert(i->settings_job);
	241
	242	if (!i->settings_path) {
	243	r = pull_make_path(i->settings_job->url, i->settings_job->etag, i->image_root, ".settings-", NULL, &i->settings_path);
	244	if (r < 0)
	245	return log_oom();
	246	}
	247
	248	local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");
	249
	250	r = copy_file_atomic(i->settings_path, local_settings, 0664, i->force_local, 0);
	251	if (r == -EEXIST)
	252	log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
	253	else if (r < 0 && r != -ENOENT)
79b6198b LP	254	log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
	255	else
	256	log_info("Created new settings file '%s.nspawn'", i->local);
9854730b LP	257	}
9854730b LP	258
0d6e763b LP	259	return 0;
	260	}
	261
dc2c282b	262	static bool tar_pull_is_done(TarPull *i) {
8b71fce8 LP	263	assert(i);
	264	assert(i->tar_job);
	265
9854730b	266	if (!PULL_JOB_IS_COMPLETE(i->tar_job))
8b71fce8	267	return false;
9854730b	268	if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
8b71fce8	269	return false;
9854730b LP	270	if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
	271	return false;
	272	if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
8b71fce8 LP	273	return false;
	274
	275	return true;
	276	}
	277
dc2c282b LP	278	static void tar_pull_job_on_finished(PullJob *j) {
dc2c282b LP	279	TarPull *i;
56ebfaf1 LP	280	int r;
	281
	282	assert(j);
	283	assert(j->userdata);
	284
	285	i = j->userdata;
9854730b LP	286
	287	if (j == i->settings_job) {
	288	if (j->error != 0)
	289	log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
	290	} else if (j->error != 0) {
0100b6e1 LP	291	if (j == i->checksum_job)
	292	log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	293	else if (j == i->signature_job)
	294	log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
	295	else
	296	log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	297
56ebfaf1 LP	298	r = j->error;
	299	goto finish;
	300	}
	301
	302	/* This is invoked if either the download completed
	303	* successfully, or the download was skipped because we
	304	* already have the etag. */
	305
dc2c282b	306	if (!tar_pull_is_done(i))
0100b6e1 LP	307	return;
0100b6e1 LP	308
9854730b LP	309	i->tar_job->disk_fd = safe_close(i->tar_job->disk_fd);
	310	if (i->settings_job)
	311	i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd);
56ebfaf1 LP	312
	313	if (i->tar_pid > 0) {
	314	r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
	315	i->tar_pid = 0;
	316	if (r < 0)
	317	goto finish;
9854730b LP	318	if (r > 0) {
	319	r = -EIO;
	320	goto finish;
	321	}
56ebfaf1 LP	322	}
56ebfaf1 LP	323
0100b6e1 LP	324	if (!i->tar_job->etag_exists) {
	325	/* This is a new download, verify it, and move it into place */
	326
dc2c282b	327	tar_pull_report_progress(i, TAR_VERIFYING);
7079cfef	328
9854730b	329	r = pull_verify(i->tar_job, i->settings_job, i->checksum_job, i->signature_job);
0100b6e1 LP	330	if (r < 0)
	331	goto finish;
	332
dc2c282b	333	tar_pull_report_progress(i, TAR_FINALIZING);
7079cfef	334
b6e676ce	335	r = import_make_read_only(i->temp_path);
56ebfaf1 LP	336	if (r < 0)
	337	goto finish;
	338
f85ef957 AC	339	r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
	340	if (r < 0) {
	341	log_error_errno(r, "Failed to rename to final image name: %m");
56ebfaf1 LP	342	goto finish;
56ebfaf1 LP	343	}
56ebfaf1	344
9854730b LP	345	i->temp_path = mfree(i->temp_path);
	346
	347	if (i->settings_job &&
	348	i->settings_job->error == 0 &&
	349	!i->settings_job->etag_exists) {
	350
	351	assert(i->settings_temp_path);
	352	assert(i->settings_path);
	353
	354	/* Also move the settings file into place, if
	355	* it exist. Note that we do so only if we
	356	* also moved the tar file in place, to keep
	357	* things strictly in sync. */
	358
	359	r = import_make_read_only(i->settings_temp_path);
	360	if (r < 0)
	361	goto finish;
	362
	363	r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path);
	364	if (r < 0) {
	365	log_error_errno(r, "Failed to rename settings file: %m");
	366	goto finish;
	367	}
	368
	369	i->settings_temp_path = mfree(i->settings_temp_path);
	370	}
56ebfaf1 LP	371	}
56ebfaf1 LP	372
dc2c282b	373	tar_pull_report_progress(i, TAR_COPYING);
7079cfef	374
dc2c282b	375	r = tar_pull_make_local_copy(i);
0d6e763b LP	376	if (r < 0)
	377	goto finish;
	378
56ebfaf1 LP	379	r = 0;
	380
	381	finish:
56ebfaf1 LP	382	if (i->on_finished)
	383	i->on_finished(i, r, i->userdata);
	384	else
	385	sd_event_exit(i->event, r);
	386	}
	387
9854730b	388	static int tar_pull_job_on_open_disk_tar(PullJob *j) {
dc2c282b	389	TarPull *i;
56ebfaf1 LP	390	int r;
	391
	392	assert(j);
	393	assert(j->userdata);
	394
	395	i = j->userdata;
8b71fce8 LP	396	assert(i->tar_job == j);
	397	assert(!i->final_path);
	398	assert(!i->temp_path);
	399	assert(i->tar_pid <= 0);
56ebfaf1	400
dc2c282b	401	r = pull_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
56ebfaf1 LP	402	if (r < 0)
	403	return log_oom();
	404
14bcf25c	405	r = tempfn_random(i->final_path, NULL, &i->temp_path);
56ebfaf1 LP	406	if (r < 0)
	407	return log_oom();
	408
	409	mkdir_parents_label(i->temp_path, 0700);
	410
	411	r = btrfs_subvol_make(i->temp_path);
	412	if (r == -ENOTTY) {
	413	if (mkdir(i->temp_path, 0755) < 0)
	414	return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
	415	} else if (r < 0)
	416	return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);
8c9cfc28 LP	417	else
8c9cfc28 LP	418	(void) import_assign_pool_quota_and_warn(i->temp_path);
56ebfaf1	419
587fec42	420	j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
2c140ded LP	421	if (j->disk_fd < 0)
2c140ded LP	422	return j->disk_fd;
56ebfaf1 LP	423
	424	return 0;
	425	}
	426
9854730b LP	427	static int tar_pull_job_on_open_disk_settings(PullJob *j) {
	428	TarPull *i;
	429	int r;
	430
	431	assert(j);
	432	assert(j->userdata);
	433
	434	i = j->userdata;
	435	assert(i->settings_job == j);
	436	assert(!i->settings_path);
	437	assert(!i->settings_temp_path);
	438
	439	r = pull_make_path(j->url, j->etag, i->image_root, ".settings-", NULL, &i->settings_path);
	440	if (r < 0)
	441	return log_oom();
	442
	443	r = tempfn_random(i->settings_path, NULL, &i->settings_temp_path);
	444	if (r < 0)
	445	return log_oom();
	446
	447	mkdir_parents_label(i->settings_temp_path, 0700);
	448
	449	j->disk_fd = open(i->settings_temp_path, O_RDWR\|O_CREAT\|O_EXCL\|O_NOCTTY\|O_CLOEXEC, 0664);
	450	if (j->disk_fd < 0)
	451	return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);
	452
	453	return 0;
	454	}
	455
dc2c282b LP	456	static void tar_pull_job_on_progress(PullJob *j) {
dc2c282b LP	457	TarPull *i;
7079cfef LP	458
	459	assert(j);
	460	assert(j->userdata);
	461
	462	i = j->userdata;
	463
dc2c282b	464	tar_pull_report_progress(i, TAR_DOWNLOADING);
7079cfef LP	465	}
7079cfef LP	466
9854730b LP	467	int tar_pull_start(
	468	TarPull *i,
	469	const char *url,
	470	const char *local,
	471	bool force_local,
	472	ImportVerify verify,
	473	bool settings) {
	474
56ebfaf1 LP	475	int r;
	476
	477	assert(i);
9854730b LP	478	assert(verify < _IMPORT_VERIFY_MAX);
9854730b LP	479	assert(verify >= 0);
56ebfaf1	480
56ebfaf1 LP	481	if (!http_url_is_valid(url))
	482	return -EINVAL;
	483
	484	if (local && !machine_name_is_valid(local))
	485	return -EINVAL;
	486
8b71fce8 LP	487	if (i->tar_job)
	488	return -EBUSY;
	489
56ebfaf1 LP	490	r = free_and_strdup(&i->local, local);
	491	if (r < 0)
	492	return r;
9854730b	493
56ebfaf1	494	i->force_local = force_local;
0100b6e1	495	i->verify = verify;
9854730b	496	i->settings = settings;
56ebfaf1	497
9854730b	498	/* Set up download job for TAR file */
dc2c282b	499	r = pull_job_new(&i->tar_job, url, i->glue, i);
56ebfaf1 LP	500	if (r < 0)
	501	return r;
	502
dc2c282b	503	i->tar_job->on_finished = tar_pull_job_on_finished;
9854730b	504	i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
dc2c282b	505	i->tar_job->on_progress = tar_pull_job_on_progress;
0100b6e1	506	i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;
26166c88	507	i->tar_job->grow_machine_directory = i->grow_machine_directory;
56ebfaf1	508
dc2c282b	509	r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
56ebfaf1 LP	510	if (r < 0)
	511	return r;
	512
9854730b LP	513	/* Set up download job for the settings file (.nspawn) */
	514	if (settings) {
	515	r = pull_make_settings_job(&i->settings_job, url, i->glue, tar_pull_job_on_finished, i);
	516	if (r < 0)
	517	return r;
	518
	519	i->settings_job->on_open_disk = tar_pull_job_on_open_disk_settings;
	520	i->settings_job->on_progress = tar_pull_job_on_progress;
	521	i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO;
	522
	523	r = pull_find_old_etags(i->settings_job->url, i->image_root, DT_REG, ".settings-", NULL, &i->settings_job->old_etags);
	524	if (r < 0)
	525	return r;
	526	}
	527
	528	/* Set up download of checksum/signature files */
dc2c282b	529	r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_pull_job_on_finished, i);
0100b6e1 LP	530	if (r < 0)
	531	return r;
	532
dc2c282b	533	r = pull_job_begin(i->tar_job);
0100b6e1 LP	534	if (r < 0)
	535	return r;
	536
9854730b LP	537	if (i->settings_job) {
	538	r = pull_job_begin(i->settings_job);
	539	if (r < 0)
	540	return r;
	541	}
	542
0100b6e1	543	if (i->checksum_job) {
dc2c282b	544	i->checksum_job->on_progress = tar_pull_job_on_progress;
7079cfef	545
dc2c282b	546	r = pull_job_begin(i->checksum_job);
0100b6e1 LP	547	if (r < 0)
	548	return r;
	549	}
	550
	551	if (i->signature_job) {
dc2c282b	552	i->signature_job->on_progress = tar_pull_job_on_progress;
7079cfef	553
dc2c282b	554	r = pull_job_begin(i->signature_job);
0100b6e1 LP	555	if (r < 0)
	556	return r;
	557	}
	558
	559	return 0;
56ebfaf1	560	}