[thirdparty/systemd.git] / src / import / pull-tar.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <curl/curl.h>
#include <sys/prctl.h>

#include "sd-daemon.h"

#include "alloc-util.h"
#include "btrfs-util.h"
#include "copy.h"
#include "curl-util.h"
#include "fd-util.h"
#include "fs-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "install-file.h"
#include "macro.h"
#include "mkdir-label.h"
#include "path-util.h"
#include "process-util.h"
#include "pull-common.h"
#include "pull-job.h"
#include "pull-tar.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "tmpfile-util.h"
#include "user-util.h"
#include "utf8.h"
#include "web-util.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarPull {
        sd_event *event;
        CurlGlue *glue;

        ImportFlags flags;
        ImportVerify verify;
        char *image_root;

        PullJob *tar_job;
        PullJob *checksum_job;
        PullJob *signature_job;
        PullJob *settings_job;

        TarPullFinished on_finished;
        void *userdata;

        char *local;

        pid_t tar_pid;

        char *final_path;
        char *temp_path;

        char *settings_path;
        char *settings_temp_path;

        char *checksum;
};

TarPull* tar_pull_unref(TarPull *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1)
                sigkill_wait(i->tar_pid);

        pull_job_unref(i->tar_job);
        pull_job_unref(i->checksum_job);
        pull_job_unref(i->signature_job);
        pull_job_unref(i->settings_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        rm_rf_subvolume_and_free(i->temp_path);
        unlink_and_free(i->settings_temp_path);

        free(i->final_path);
        free(i->settings_path);
        free(i->image_root);
        free(i->local);
        free(i->checksum);

        return mfree(i);
}

int tar_pull_new(
                TarPull **ret,
                sd_event *event,
                const char *image_root,
                TarPullFinished on_finished,
                void *userdata) {

        _cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
        _cleanup_(sd_event_unrefp) sd_event *e = NULL;
        _cleanup_(tar_pull_unrefp) TarPull *i = NULL;
        _cleanup_free_ char *root = NULL;
        int r;

        assert(image_root);
        assert(ret);

        root = strdup(image_root);
        if (!root)
                return -ENOMEM;

        if (event)
                e = sd_event_ref(event);
        else {
                r = sd_event_default(&e);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&g, e);
        if (r < 0)
                return r;

        i = new(TarPull, 1);
        if (!i)
                return -ENOMEM;

        *i = (TarPull) {
                .on_finished = on_finished,
                .userdata = userdata,
                .image_root = TAKE_PTR(root),
                .event = TAKE_PTR(e),
                .glue = TAKE_PTR(g),
        };

        i->glue->on_finished = pull_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = TAKE_PTR(i);

        return 0;
}

static void tar_pull_report_progress(TarPull *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->settings_job) {
                        percent += i->settings_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached();
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u%%", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_pull_determine_path(
                TarPull *i,
                const char *suffix,
                char **field /* input + output (!) */) {
        int r;

        assert(i);
        assert(field);

        if (*field)
                return 0;

        assert(i->tar_job);

        r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
        if (r < 0)
                return log_oom();

        return 1;
}

static int tar_pull_make_local_copy(TarPull *i) {
        _cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
        _cleanup_free_ char *p = NULL;
        const char *source;
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        assert(i->final_path);

        p = path_join(i->image_root, i->local);
        if (!p)
                return log_oom();

        if (FLAGS_SET(i->flags, IMPORT_PULL_KEEP_DOWNLOAD)) {
                r = tempfn_random(p, NULL, &t);
                if (r < 0)
                        return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);

                if (i->flags & IMPORT_BTRFS_SUBVOL)
                        r = btrfs_subvol_snapshot_at(
                                        AT_FDCWD, i->final_path,
                                        AT_FDCWD, t,
                                        (i->flags & IMPORT_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)|
                                        BTRFS_SNAPSHOT_FALLBACK_COPY|
                                        BTRFS_SNAPSHOT_FALLBACK_DIRECTORY|
                                        BTRFS_SNAPSHOT_RECURSIVE);
                else
                        r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_HARDLINKS, NULL, NULL);
                if (r < 0)
                        return log_error_errno(r, "Failed to create local image: %m");

                source = t;
        } else
                source = i->final_path;

        r = install_file(AT_FDCWD, source,
                         AT_FDCWD, p,
                         (i->flags & IMPORT_FORCE ? INSTALL_REPLACE : 0) |
                         (i->flags & IMPORT_READ_ONLY ? INSTALL_READ_ONLY : 0) |
                         (i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
        if (r < 0)
                return log_error_errno(r, "Failed to install local image '%s': %m", p);

        t = mfree(t);

        log_info("Created new local image '%s'.", i->local);

        if (FLAGS_SET(i->flags, IMPORT_PULL_SETTINGS)) {
                _cleanup_free_ char *local_settings = NULL;
                assert(i->settings_job);

                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                if (r < 0)
                        return r;

                local_settings = strjoin(i->image_root, "/", i->local, ".nspawn");
                if (!local_settings)
                        return log_oom();

                if (FLAGS_SET(i->flags, IMPORT_PULL_KEEP_DOWNLOAD))
                        r = copy_file_atomic(
                                        i->settings_path,
                                        local_settings,
                                        0664,
                                        COPY_REFLINK |
                                        (FLAGS_SET(i->flags, IMPORT_FORCE) ? COPY_REPLACE : 0) |
                                        (FLAGS_SET(i->flags, IMPORT_SYNC) ? COPY_FSYNC_FULL : 0));
                else
                        r = install_file(AT_FDCWD, i->settings_path,
                                         AT_FDCWD, local_settings,
                                         (i->flags & IMPORT_FORCE ? INSTALL_REPLACE : 0) |
                                         (i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
                if (r == -EEXIST)
                        log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
                else if (r == -ENOENT)
                        log_debug_errno(r, "Skipping creation of settings file, since none was found.");
                else if (r < 0)
                        log_warning_errno(r, "Failed to install settings files %s, ignoring: %m", local_settings);
                else
                        log_info("Created new settings file %s.", local_settings);
        }

        return 0;
}

static bool tar_pull_is_done(TarPull *i) {
        assert(i);
        assert(i->tar_job);

        if (!PULL_JOB_IS_COMPLETE(i->tar_job))
                return false;
        if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
                return false;
        if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
                return false;
        if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
                return false;

        return true;
}

static void tar_pull_job_on_finished(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        if (j->error != 0) {
                if (j == i->tar_job) {
                        if (j->error == ENOMEDIUM) /* HTTP 404 */
                                r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
                        else
                                r = log_error_errno(j->error, "Failed to retrieve image file.");
                        goto finish;
                } else if (j == i->checksum_job) {
                        r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                        goto finish;
                } else if (j == i->signature_job)
                        log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
                else if (j == i->settings_job)
                        log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
                else
                        assert("unexpected job");
        }

        /* This is invoked if either the download completed successfully, or the download was skipped because
         * we already have the etag. */

        if (!tar_pull_is_done(i))
                return;

        if (i->signature_job && i->signature_job->error != 0) {
                VerificationStyle style;

                assert(i->checksum_job);

                r = verification_style_from_url(i->checksum_job->url, &style);
                if (r < 0) {
                        log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
                        goto finish;
                }

                if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
                                                            * in per-directory verification mode, since only
                                                            * then the signature is detached, and thus a file
                                                            * of its own. */
                        r = log_error_errno(i->signature_job->error,
                                            "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                        goto finish;
                }
        }

        pull_job_close_disk_fd(i->tar_job);
        pull_job_close_disk_fd(i->settings_job);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
                if (r < 0)
                        goto finish;
                if (r != EXIT_SUCCESS) {
                        r = -EIO;
                        goto finish;
                }
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_pull_report_progress(i, TAR_VERIFYING);

                r = pull_verify(i->verify,
                                i->checksum,
                                i->tar_job,
                                i->checksum_job,
                                i->signature_job,
                                i->settings_job,
                                /* roothash_job = */ NULL,
                                /* roothash_signature_job = */ NULL,
                                /* verity_job = */ NULL);
                if (r < 0)
                        goto finish;
        }

        if (i->flags & IMPORT_DIRECT) {
                assert(!i->settings_job);
                assert(i->local);
                assert(!i->temp_path);

                tar_pull_report_progress(i, TAR_FINALIZING);

                r = import_mangle_os_tree(i->local);
                if (r < 0)
                        goto finish;

                r = install_file(
                                AT_FDCWD, i->local,
                                AT_FDCWD, NULL,
                                (i->flags & IMPORT_READ_ONLY) ? INSTALL_READ_ONLY : 0 |
                                (i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
                if (r < 0) {
                        log_error_errno(r, "Failed to finalize '%s': %m", i->local);
                        goto finish;
                }
        } else {
                r = tar_pull_determine_path(i, NULL, &i->final_path);
                if (r < 0)
                        goto finish;

                if (!i->tar_job->etag_exists) {
                        /* This is a new download, verify it, and move it into place */

                        assert(i->temp_path);
                        assert(i->final_path);

                        tar_pull_report_progress(i, TAR_FINALIZING);

                        r = import_mangle_os_tree(i->temp_path);
                        if (r < 0)
                                goto finish;

                        r = install_file(
                                        AT_FDCWD, i->temp_path,
                                        AT_FDCWD, i->final_path,
                                        (i->flags & IMPORT_PULL_KEEP_DOWNLOAD ? INSTALL_READ_ONLY : 0) |
                                        (i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
                        if (r < 0) {
                                log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
                                goto finish;
                        }

                        i->temp_path = mfree(i->temp_path);

                        if (i->settings_job &&
                            i->settings_job->error == 0) {

                                /* Also move the settings file into place, if it exists. Note that we do so only if we also
                                 * moved the tar file in place, to keep things strictly in sync. */
                                assert(i->settings_temp_path);

                                /* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
                                 * we should incorporate it in the file name if we can */
                                i->settings_path = mfree(i->settings_path);

                                r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
                                if (r < 0)
                                        goto finish;

                                r = install_file(
                                                AT_FDCWD, i->settings_temp_path,
                                                AT_FDCWD, i->settings_path,
                                                INSTALL_READ_ONLY|
                                                (i->flags & IMPORT_SYNC ? INSTALL_FSYNC_FULL : 0));
                                if (r < 0) {
                                        log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
                                        goto finish;
                                }

                                i->settings_temp_path = mfree(i->settings_temp_path);
                        }
                }

                tar_pull_report_progress(i, TAR_COPYING);

                r = tar_pull_make_local_copy(i);
                if (r < 0)
                        goto finish;
        }

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_pull_job_on_open_disk_tar(PullJob *j) {
        const char *where;
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(i->tar_pid <= 0);

        if (i->flags & IMPORT_DIRECT)
                where = i->local;
        else {
                if (!i->temp_path) {
                        r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
                        if (r < 0)
                                return log_oom();
                }

                where = i->temp_path;
        }

        (void) mkdir_parents_label(where, 0700);

        if (FLAGS_SET(i->flags, IMPORT_DIRECT|IMPORT_FORCE))
                (void) rm_rf(where, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);

        if (i->flags & IMPORT_BTRFS_SUBVOL)
                r = btrfs_subvol_make_fallback(AT_FDCWD, where, 0755);
        else
                r = RET_NERRNO(mkdir(where, 0755));
        if (r == -EEXIST && (i->flags & IMPORT_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
                                                       * because in that case our temporary path collided */
                r = 0;
        if (r < 0)
                return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
        if (r > 0 && (i->flags & IMPORT_BTRFS_QUOTA)) { /* actually btrfs subvol */
                if (!(i->flags & IMPORT_DIRECT))
                        (void) import_assign_pool_quota_and_warn(i->image_root);
                (void) import_assign_pool_quota_and_warn(where);
        }

        j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static int tar_pull_job_on_open_disk_settings(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->settings_job == j);

        if (!i->settings_temp_path) {
                r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
                if (r < 0)
                        return log_oom();
        }

        (void) mkdir_parents_label(i->settings_temp_path, 0700);

        j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
        if (j->disk_fd < 0)
                return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);

        return 0;
}

static void tar_pull_job_on_progress(PullJob *j) {
        TarPull *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_pull_report_progress(i, TAR_DOWNLOADING);
}

int tar_pull_start(
                TarPull *i,
                const char *url,
                const char *local,
                ImportFlags flags,
                ImportVerify verify,
                const char *checksum) {

        int r;

        assert(i);
        assert(verify == _IMPORT_VERIFY_INVALID || verify < _IMPORT_VERIFY_MAX);
        assert(verify == _IMPORT_VERIFY_INVALID || verify >= 0);
        assert((verify < 0) || !checksum);
        assert(!(flags & ~IMPORT_PULL_FLAGS_MASK_TAR));
        assert(!(flags & IMPORT_PULL_SETTINGS) || !(flags & IMPORT_DIRECT));
        assert(!(flags & IMPORT_PULL_SETTINGS) || !checksum);

        if (!http_url_is_valid(url) && !file_url_is_valid(url))
                return -EINVAL;

        if (local && !pull_validate_local(local, flags))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;

        r = free_and_strdup(&i->checksum, checksum);
        if (r < 0)
                return r;

        i->flags = flags;
        i->verify = verify;

        /* Set up download job for TAR file */
        r = pull_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_pull_job_on_finished;
        i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
        i->tar_job->calc_checksum = checksum || IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);

        if (!FLAGS_SET(flags, IMPORT_DIRECT)) {
                r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
                if (r < 0)
                        return r;
        }

        /* Set up download of checksum/signature files */
        r = pull_make_verification_jobs(
                        &i->checksum_job,
                        &i->signature_job,
                        verify,
                        checksum,
                        url,
                        i->glue,
                        tar_pull_job_on_finished,
                        i);
        if (r < 0)
                return r;

        /* Set up download job for the settings file (.nspawn) */
        if (FLAGS_SET(flags, IMPORT_PULL_SETTINGS)) {
                r = pull_make_auxiliary_job(
                                &i->settings_job,
                                url,
                                tar_strip_suffixes,
                                ".nspawn",
                                verify,
                                i->glue,
                                tar_pull_job_on_open_disk_settings,
                                tar_pull_job_on_finished,
                                i);
                if (r < 0)
                        return r;
        }

        PullJob *j;
        FOREACH_ARGUMENT(j,
                         i->tar_job,
                         i->checksum_job,
                         i->signature_job,
                         i->settings_job) {

                if (!j)
                        continue;

                j->on_progress = tar_pull_job_on_progress;
                j->sync = FLAGS_SET(flags, IMPORT_SYNC);

                r = pull_job_begin(j);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
56ebfaf1	2
56ebfaf1	3	#include <curl/curl.h>
cf0fbc49	4	#include <sys/prctl.h>
56ebfaf1	5
7079cfef	6	#include "sd-daemon.h"
07630cea	7
b5efdb8a	8	#include "alloc-util.h"
56ebfaf1	9	#include "btrfs-util.h"
07630cea LP	10	#include "copy.h"
07630cea LP	11	#include "curl-util.h"
3ffd4af2	12	#include "fd-util.h"
f4f15635	13	#include "fs-util.h"
07630cea LP	14	#include "hostname-util.h"
	15	#include "import-common.h"
	16	#include "import-util.h"
c40d82ab	17	#include "install-file.h"
56ebfaf1	18	#include "macro.h"
35cd0ba5	19	#include "mkdir-label.h"
26166c88	20	#include "path-util.h"
25300b5a	21	#include "process-util.h"
dc2c282b	22	#include "pull-common.h"
07630cea	23	#include "pull-job.h"
3ffd4af2	24	#include "pull-tar.h"
07630cea LP	25	#include "rm-rf.h"
	26	#include "string-util.h"
	27	#include "strv.h"
e4de7287	28	#include "tmpfile-util.h"
c40d82ab	29	#include "user-util.h"
07630cea	30	#include "utf8.h"
49cf4170	31	#include "web-util.h"
56ebfaf1	32
7079cfef LP	33	typedef enum TarProgress {
	34	TAR_DOWNLOADING,
	35	TAR_VERIFYING,
	36	TAR_FINALIZING,
	37	TAR_COPYING,
	38	} TarProgress;
	39
dc2c282b	40	struct TarPull {
56ebfaf1 LP	41	sd_event *event;
	42	CurlGlue *glue;
	43
83d74112	44	ImportFlags flags;
133b34f6	45	ImportVerify verify;
56ebfaf1 LP	46	char *image_root;
56ebfaf1 LP	47
dc2c282b LP	48	PullJob *tar_job;
	49	PullJob *checksum_job;
	50	PullJob *signature_job;
133b34f6	51	PullJob *settings_job;
56ebfaf1	52
dc2c282b	53	TarPullFinished on_finished;
56ebfaf1 LP	54	void *userdata;
56ebfaf1 LP	55
56ebfaf1	56	char *local;
56ebfaf1 LP	57
	58	pid_t tar_pid;
	59
56ebfaf1	60	char *final_path;
9854730b LP	61	char *temp_path;
	62
	63	char *settings_path;
	64	char *settings_temp_path;
c40d82ab LP	65
c40d82ab LP	66	char *checksum;
56ebfaf1 LP	67	};
56ebfaf1 LP	68
dc2c282b	69	TarPull* tar_pull_unref(TarPull *i) {
56ebfaf1 LP	70	if (!i)
	71	return NULL;
	72
7950211d LP	73	if (i->tar_pid > 1)
7950211d LP	74	sigkill_wait(i->tar_pid);
56ebfaf1	75
dc2c282b LP	76	pull_job_unref(i->tar_job);
	77	pull_job_unref(i->checksum_job);
	78	pull_job_unref(i->signature_job);
133b34f6	79	pull_job_unref(i->settings_job);
56ebfaf1 LP	80
	81	curl_glue_unref(i->glue);
	82	sd_event_unref(i->event);
	83
133b34f6 LP	84	rm_rf_subvolume_and_free(i->temp_path);
133b34f6 LP	85	unlink_and_free(i->settings_temp_path);
9854730b	86
56ebfaf1	87	free(i->final_path);
9854730b	88	free(i->settings_path);
56ebfaf1 LP	89	free(i->image_root);
56ebfaf1 LP	90	free(i->local);
c40d82ab	91	free(i->checksum);
e0061812	92
6b430fdb	93	return mfree(i);
56ebfaf1 LP	94	}
56ebfaf1 LP	95
dc2c282b LP	96	int tar_pull_new(
dc2c282b LP	97	TarPull **ret,
8b71fce8 LP	98	sd_event *event,
8b71fce8 LP	99	const char *image_root,
dc2c282b	100	TarPullFinished on_finished,
8b71fce8 LP	101	void *userdata) {
8b71fce8 LP	102
0d94088e YW	103	_cleanup_(curl_glue_unrefp) CurlGlue *g = NULL;
0d94088e YW	104	_cleanup_(sd_event_unrefp) sd_event *e = NULL;
dc2c282b	105	_cleanup_(tar_pull_unrefp) TarPull *i = NULL;
0d94088e	106	_cleanup_free_ char *root = NULL;
56ebfaf1 LP	107	int r;
56ebfaf1 LP	108
7af5785d	109	assert(image_root);
56ebfaf1	110	assert(ret);
56ebfaf1	111
7af5785d	112	root = strdup(image_root);
0d94088e	113	if (!root)
56ebfaf1 LP	114	return -ENOMEM;
56ebfaf1 LP	115
9854730b	116	if (event)
0d94088e	117	e = sd_event_ref(event);
9854730b	118	else {
0d94088e	119	r = sd_event_default(&e);
9854730b LP	120	if (r < 0)
	121	return r;
	122	}
56ebfaf1	123
0d94088e	124	r = curl_glue_new(&g, e);
56ebfaf1 LP	125	if (r < 0)
	126	return r;
	127
0d94088e YW	128	i = new(TarPull, 1);
	129	if (!i)
	130	return -ENOMEM;
	131
	132	*i = (TarPull) {
	133	.on_finished = on_finished,
	134	.userdata = userdata,
	135	.image_root = TAKE_PTR(root),
0d94088e YW	136	.event = TAKE_PTR(e),
	137	.glue = TAKE_PTR(g),
	138	};
	139
dc2c282b	140	i->glue->on_finished = pull_job_curl_on_finished;
56ebfaf1 LP	141	i->glue->userdata = i;
56ebfaf1 LP	142
1cc6c93a	143	*ret = TAKE_PTR(i);
56ebfaf1 LP	144
	145	return 0;
	146	}
	147
dc2c282b	148	static void tar_pull_report_progress(TarPull *i, TarProgress p) {
7079cfef LP	149	unsigned percent;
	150
	151	assert(i);
	152
	153	switch (p) {
	154
	155	case TAR_DOWNLOADING: {
	156	unsigned remain = 85;
	157
	158	percent = 0;
	159
	160	if (i->checksum_job) {
	161	percent += i->checksum_job->progress_percent * 5 / 100;
	162	remain -= 5;
	163	}
	164
	165	if (i->signature_job) {
	166	percent += i->signature_job->progress_percent * 5 / 100;
	167	remain -= 5;
	168	}
	169
133b34f6 LP	170	if (i->settings_job) {
	171	percent += i->settings_job->progress_percent * 5 / 100;
	172	remain -= 5;
	173	}
	174
7079cfef LP	175	if (i->tar_job)
	176	percent += i->tar_job->progress_percent * remain / 100;
	177	break;
	178	}
	179
	180	case TAR_VERIFYING:
	181	percent = 85;
	182	break;
	183
	184	case TAR_FINALIZING:
	185	percent = 90;
	186	break;
	187
	188	case TAR_COPYING:
	189	percent = 95;
	190	break;
	191
	192	default:
04499a70	193	assert_not_reached();
7079cfef LP	194	}
7079cfef LP	195
a986de68	196	sd_notifyf(false, "X_IMPORT_PROGRESS=%u%%", percent);
7079cfef LP	197	log_debug("Combined progress %u%%", percent);
	198	}
	199
c40d82ab LP	200	static int tar_pull_determine_path(
	201	TarPull *i,
	202	const char *suffix,
	203	char *field / input + output (!) */) {
91359193 LP	204	int r;
	205
	206	assert(i);
	207	assert(field);
	208
	209	if (*field)
	210	return 0;
	211
	212	assert(i->tar_job);
	213
	214	r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", suffix, field);
	215	if (r < 0)
	216	return log_oom();
	217
	218	return 1;
	219	}
	220
dc2c282b	221	static int tar_pull_make_local_copy(TarPull *i) {
c40d82ab	222	_cleanup_(rm_rf_subvolume_and_freep) char *t = NULL;
b37ec1e7	223	_cleanup_free_ char *p = NULL;
b146afc4	224	const char *source;
0d6e763b LP	225	int r;
	226
	227	assert(i);
	228	assert(i->tar_job);
	229
	230	if (!i->local)
	231	return 0;
	232
c40d82ab LP	233	assert(i->final_path);
c40d82ab LP	234
b37ec1e7 LP	235	p = path_join(i->image_root, i->local);
	236	if (!p)
	237	return log_oom();
c40d82ab	238
b146afc4 LP	239	if (FLAGS_SET(i->flags, IMPORT_PULL_KEEP_DOWNLOAD)) {
	240	r = tempfn_random(p, NULL, &t);
	241	if (r < 0)
	242	return log_error_errno(r, "Failed to generate temporary filename for %s: %m", p);
	243
	244	if (i->flags & IMPORT_BTRFS_SUBVOL)
	245	r = btrfs_subvol_snapshot_at(
	246	AT_FDCWD, i->final_path,
	247	AT_FDCWD, t,
	248	(i->flags & IMPORT_BTRFS_QUOTA ? BTRFS_SNAPSHOT_QUOTA : 0)\|
	249	BTRFS_SNAPSHOT_FALLBACK_COPY\|
	250	BTRFS_SNAPSHOT_FALLBACK_DIRECTORY\|
	251	BTRFS_SNAPSHOT_RECURSIVE);
	252	else
	253	r = copy_tree(i->final_path, t, UID_INVALID, GID_INVALID, COPY_REFLINK\|COPY_HARDLINKS, NULL, NULL);
	254	if (r < 0)
	255	return log_error_errno(r, "Failed to create local image: %m");
	256
	257	source = t;
	258	} else
	259	source = i->final_path;
c40d82ab	260
b146afc4	261	r = install_file(AT_FDCWD, source,
c40d82ab	262	AT_FDCWD, p,
83d74112 LP	263	(i->flags & IMPORT_FORCE ? INSTALL_REPLACE : 0) \|
	264	(i->flags & IMPORT_READ_ONLY ? INSTALL_READ_ONLY : 0) \|
	265	(i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
c40d82ab LP	266	if (r < 0)
	267	return log_error_errno(r, "Failed to install local image '%s': %m", p);
	268
	269	t = mfree(t);
	270
	271	log_info("Created new local image '%s'.", i->local);
0100b6e1	272
83d74112	273	if (FLAGS_SET(i->flags, IMPORT_PULL_SETTINGS)) {
b146afc4	274	_cleanup_free_ char *local_settings = NULL;
9854730b LP	275	assert(i->settings_job);
9854730b LP	276
91359193 LP	277	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	278	if (r < 0)
	279	return r;
9854730b	280
b146afc4 LP	281	local_settings = strjoin(i->image_root, "/", i->local, ".nspawn");
	282	if (!local_settings)
	283	return log_oom();
	284
	285	if (FLAGS_SET(i->flags, IMPORT_PULL_KEEP_DOWNLOAD))
	286	r = copy_file_atomic(
	287	i->settings_path,
	288	local_settings,
	289	0664,
	290	COPY_REFLINK \|
	291	(FLAGS_SET(i->flags, IMPORT_FORCE) ? COPY_REPLACE : 0) \|
	292	(FLAGS_SET(i->flags, IMPORT_SYNC) ? COPY_FSYNC_FULL : 0));
	293	else
	294	r = install_file(AT_FDCWD, i->settings_path,
	295	AT_FDCWD, local_settings,
	296	(i->flags & IMPORT_FORCE ? INSTALL_REPLACE : 0) \|
	297	(i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
9854730b LP	298	if (r == -EEXIST)
9854730b LP	299	log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
33859a6b LP	300	else if (r == -ENOENT)
	301	log_debug_errno(r, "Skipping creation of settings file, since none was found.");
	302	else if (r < 0)
b146afc4	303	log_warning_errno(r, "Failed to install settings files %s, ignoring: %m", local_settings);
79b6198b	304	else
33859a6b	305	log_info("Created new settings file %s.", local_settings);
9854730b LP	306	}
9854730b LP	307
0d6e763b LP	308	return 0;
	309	}
	310
dc2c282b	311	static bool tar_pull_is_done(TarPull *i) {
8b71fce8 LP	312	assert(i);
	313	assert(i->tar_job);
	314
9854730b	315	if (!PULL_JOB_IS_COMPLETE(i->tar_job))
8b71fce8	316	return false;
9854730b LP	317	if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
	318	return false;
	319	if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
8b71fce8	320	return false;
133b34f6 LP	321	if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
133b34f6 LP	322	return false;
8b71fce8 LP	323
	324	return true;
	325	}
	326
dc2c282b LP	327	static void tar_pull_job_on_finished(PullJob *j) {
dc2c282b LP	328	TarPull *i;
56ebfaf1 LP	329	int r;
	330
	331	assert(j);
	332	assert(j->userdata);
	333
	334	i = j->userdata;
9854730b	335
c40d82ab LP	336	if (j->error != 0) {
	337	if (j == i->tar_job) {
	338	if (j->error == ENOMEDIUM) /* HTTP 404 */
	339	r = log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	340	else
	341	r = log_error_errno(j->error, "Failed to retrieve image file.");
	342	goto finish;
	343	} else if (j == i->checksum_job) {
	344	r = log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	345	goto finish;
	346	} else if (j == i->signature_job)
	347	log_debug_errno(j->error, "Signature job for %s failed, proceeding for now.", j->url);
	348	else if (j == i->settings_job)
9854730b	349	log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
0100b6e1	350	else
c40d82ab	351	assert("unexpected job");
56ebfaf1 LP	352	}
56ebfaf1 LP	353
c33e405f LP	354	/* This is invoked if either the download completed successfully, or the download was skipped because
c33e405f LP	355	* we already have the etag. */
56ebfaf1	356
dc2c282b	357	if (!tar_pull_is_done(i))
0100b6e1 LP	358	return;
0100b6e1 LP	359
f14717a7 LP	360	if (i->signature_job && i->signature_job->error != 0) {
f14717a7 LP	361	VerificationStyle style;
697be0be	362
c40d82ab LP	363	assert(i->checksum_job);
c40d82ab LP	364
f14717a7 LP	365	r = verification_style_from_url(i->checksum_job->url, &style);
	366	if (r < 0) {
	367	log_error_errno(r, "Failed to determine verification style from checksum URL: %m");
	368	goto finish;
	369	}
	370
	371	if (style == VERIFICATION_PER_DIRECTORY) { /* A failed signature file download only matters
	372	* in per-directory verification mode, since only
	373	* then the signature is detached, and thus a file
	374	* of its own. */
c40d82ab LP	375	r = log_error_errno(i->signature_job->error,
c40d82ab LP	376	"Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
f14717a7 LP	377	goto finish;
f14717a7 LP	378	}
697be0be TB	379	}
697be0be TB	380
c40d82ab LP	381	pull_job_close_disk_fd(i->tar_job);
c40d82ab LP	382	pull_job_close_disk_fd(i->settings_job);
91359193	383
56ebfaf1	384	if (i->tar_pid > 0) {
8f03de53	385	r = wait_for_terminate_and_check("tar", TAKE_PID(i->tar_pid), WAIT_LOG);
56ebfaf1 LP	386	if (r < 0)
56ebfaf1 LP	387	goto finish;
b4a34311	388	if (r != EXIT_SUCCESS) {
9854730b LP	389	r = -EIO;
	390	goto finish;
	391	}
56ebfaf1 LP	392	}
56ebfaf1 LP	393
0100b6e1 LP	394	if (!i->tar_job->etag_exists) {
	395	/* This is a new download, verify it, and move it into place */
	396
dc2c282b	397	tar_pull_report_progress(i, TAR_VERIFYING);
7079cfef	398
ff2f7797	399	r = pull_verify(i->verify,
c40d82ab	400	i->checksum,
ff2f7797 LP	401	i->tar_job,
	402	i->checksum_job,
	403	i->signature_job,
	404	i->settings_job,
	405	/* roothash_job = */ NULL,
	406	/* roothash_signature_job = */ NULL,
	407	/* verity_job = */ NULL);
0100b6e1 LP	408	if (r < 0)
0100b6e1 LP	409	goto finish;
c40d82ab	410	}
0100b6e1	411
83d74112	412	if (i->flags & IMPORT_DIRECT) {
c40d82ab LP	413	assert(!i->settings_job);
	414	assert(i->local);
	415	assert(!i->temp_path);
7079cfef	416
c40d82ab	417	tar_pull_report_progress(i, TAR_FINALIZING);
c33e405f	418
c40d82ab	419	r = import_mangle_os_tree(i->local);
56ebfaf1 LP	420	if (r < 0)
	421	goto finish;
	422
c40d82ab LP	423	r = install_file(
	424	AT_FDCWD, i->local,
	425	AT_FDCWD, NULL,
83d74112 LP	426	(i->flags & IMPORT_READ_ONLY) ? INSTALL_READ_ONLY : 0 \|
83d74112 LP	427	(i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
f85ef957	428	if (r < 0) {
c40d82ab	429	log_error_errno(r, "Failed to finalize '%s': %m", i->local);
56ebfaf1 LP	430	goto finish;
56ebfaf1 LP	431	}
c40d82ab LP	432	} else {
	433	r = tar_pull_determine_path(i, NULL, &i->final_path);
	434	if (r < 0)
	435	goto finish;
56ebfaf1	436
c40d82ab LP	437	if (!i->tar_job->etag_exists) {
c40d82ab LP	438	/* This is a new download, verify it, and move it into place */
9854730b	439
c40d82ab LP	440	assert(i->temp_path);
c40d82ab LP	441	assert(i->final_path);
91359193	442
c40d82ab	443	tar_pull_report_progress(i, TAR_FINALIZING);
e0061812	444
c40d82ab	445	r = import_mangle_os_tree(i->temp_path);
91359193 LP	446	if (r < 0)
91359193 LP	447	goto finish;
9854730b	448
c40d82ab LP	449	r = install_file(
	450	AT_FDCWD, i->temp_path,
	451	AT_FDCWD, i->final_path,
b146afc4	452	(i->flags & IMPORT_PULL_KEEP_DOWNLOAD ? INSTALL_READ_ONLY : 0) \|
83d74112	453	(i->flags & IMPORT_SYNC ? INSTALL_SYNCFS : 0));
9854730b	454	if (r < 0) {
c40d82ab	455	log_error_errno(r, "Failed to rename to final image name to %s: %m", i->final_path);
9854730b LP	456	goto finish;
	457	}
	458
c40d82ab LP	459	i->temp_path = mfree(i->temp_path);
	460
	461	if (i->settings_job &&
	462	i->settings_job->error == 0) {
	463
	464	/* Also move the settings file into place, if it exists. Note that we do so only if we also
	465	* moved the tar file in place, to keep things strictly in sync. */
	466	assert(i->settings_temp_path);
	467
	468	/* Regenerate final name for this auxiliary file, we might know the etag of the file now, and
	469	* we should incorporate it in the file name if we can */
	470	i->settings_path = mfree(i->settings_path);
	471
	472	r = tar_pull_determine_path(i, ".nspawn", &i->settings_path);
	473	if (r < 0)
	474	goto finish;
	475
	476	r = install_file(
	477	AT_FDCWD, i->settings_temp_path,
	478	AT_FDCWD, i->settings_path,
	479	INSTALL_READ_ONLY\|
83d74112	480	(i->flags & IMPORT_SYNC ? INSTALL_FSYNC_FULL : 0));
c40d82ab LP	481	if (r < 0) {
	482	log_error_errno(r, "Failed to rename settings file to %s: %m", i->settings_path);
	483	goto finish;
	484	}
	485
	486	i->settings_temp_path = mfree(i->settings_temp_path);
	487	}
9854730b	488	}
56ebfaf1	489
c40d82ab	490	tar_pull_report_progress(i, TAR_COPYING);
7079cfef	491
c40d82ab LP	492	r = tar_pull_make_local_copy(i);
	493	if (r < 0)
	494	goto finish;
	495	}
0d6e763b	496
56ebfaf1 LP	497	r = 0;
	498
	499	finish:
56ebfaf1 LP	500	if (i->on_finished)
	501	i->on_finished(i, r, i->userdata);
	502	else
	503	sd_event_exit(i->event, r);
	504	}
	505
9854730b	506	static int tar_pull_job_on_open_disk_tar(PullJob *j) {
c40d82ab	507	const char *where;
dc2c282b	508	TarPull *i;
56ebfaf1 LP	509	int r;
	510
	511	assert(j);
	512	assert(j->userdata);
	513
	514	i = j->userdata;
8b71fce8	515	assert(i->tar_job == j);
8b71fce8	516	assert(i->tar_pid <= 0);
56ebfaf1	517
83d74112	518	if (i->flags & IMPORT_DIRECT)
c40d82ab LP	519	where = i->local;
	520	else {
	521	if (!i->temp_path) {
	522	r = tempfn_random_child(i->image_root, "tar", &i->temp_path);
	523	if (r < 0)
	524	return log_oom();
	525	}
	526
	527	where = i->temp_path;
91359193	528	}
56ebfaf1	529
c40d82ab LP	530	(void) mkdir_parents_label(where, 0700);
c40d82ab LP	531
83d74112	532	if (FLAGS_SET(i->flags, IMPORT_DIRECT\|IMPORT_FORCE))
c40d82ab	533	(void) rm_rf(where, REMOVE_ROOT\|REMOVE_PHYSICAL\|REMOVE_SUBVOLUME);
56ebfaf1	534
83d74112	535	if (i->flags & IMPORT_BTRFS_SUBVOL)
e54c79cc	536	r = btrfs_subvol_make_fallback(AT_FDCWD, where, 0755);
c40d82ab	537	else
7c248223	538	r = RET_NERRNO(mkdir(where, 0755));
83d74112	539	if (r == -EEXIST && (i->flags & IMPORT_DIRECT)) /* EEXIST is OK if in direct mode, but not otherwise,
c40d82ab LP	540	* because in that case our temporary path collided */
c40d82ab LP	541	r = 0;
82c4440d	542	if (r < 0)
c40d82ab	543	return log_error_errno(r, "Failed to create directory/subvolume %s: %m", where);
83d74112 LP	544	if (r > 0 && (i->flags & IMPORT_BTRFS_QUOTA)) { /* actually btrfs subvol */
83d74112 LP	545	if (!(i->flags & IMPORT_DIRECT))
c40d82ab LP	546	(void) import_assign_pool_quota_and_warn(i->image_root);
c40d82ab LP	547	(void) import_assign_pool_quota_and_warn(where);
052ba0eb	548	}
56ebfaf1	549
c40d82ab	550	j->disk_fd = import_fork_tar_x(where, &i->tar_pid);
2c140ded LP	551	if (j->disk_fd < 0)
2c140ded LP	552	return j->disk_fd;
56ebfaf1 LP	553
	554	return 0;
	555	}
	556
9854730b LP	557	static int tar_pull_job_on_open_disk_settings(PullJob *j) {
	558	TarPull *i;
	559	int r;
	560
	561	assert(j);
	562	assert(j->userdata);
	563
	564	i = j->userdata;
	565	assert(i->settings_job == j);
9854730b	566
91359193 LP	567	if (!i->settings_temp_path) {
	568	r = tempfn_random_child(i->image_root, "settings", &i->settings_temp_path);
	569	if (r < 0)
	570	return log_oom();
	571	}
9854730b	572
c40d82ab	573	(void) mkdir_parents_label(i->settings_temp_path, 0700);
9854730b LP	574
	575	j->disk_fd = open(i->settings_temp_path, O_RDWR\|O_CREAT\|O_EXCL\|O_NOCTTY\|O_CLOEXEC, 0664);
	576	if (j->disk_fd < 0)
	577	return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);
	578
	579	return 0;
	580	}
	581
dc2c282b LP	582	static void tar_pull_job_on_progress(PullJob *j) {
dc2c282b LP	583	TarPull *i;
7079cfef LP	584
	585	assert(j);
	586	assert(j->userdata);
	587
	588	i = j->userdata;
	589
dc2c282b	590	tar_pull_report_progress(i, TAR_DOWNLOADING);
7079cfef LP	591	}
7079cfef LP	592
9854730b LP	593	int tar_pull_start(
	594	TarPull *i,
	595	const char *url,
	596	const char *local,
83d74112	597	ImportFlags flags,
c40d82ab LP	598	ImportVerify verify,
c40d82ab LP	599	const char *checksum) {
9854730b	600
56ebfaf1 LP	601	int r;
	602
	603	assert(i);
c40d82ab LP	604	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify < _IMPORT_VERIFY_MAX);
	605	assert(verify == _IMPORT_VERIFY_INVALID \|\| verify >= 0);
	606	assert((verify < 0) \|\| !checksum);
83d74112 LP	607	assert(!(flags & ~IMPORT_PULL_FLAGS_MASK_TAR));
	608	assert(!(flags & IMPORT_PULL_SETTINGS) \|\| !(flags & IMPORT_DIRECT));
	609	assert(!(flags & IMPORT_PULL_SETTINGS) \|\| !checksum);
56ebfaf1	610
c456862f	611	if (!http_url_is_valid(url) && !file_url_is_valid(url))
56ebfaf1 LP	612	return -EINVAL;
56ebfaf1 LP	613
c40d82ab	614	if (local && !pull_validate_local(local, flags))
56ebfaf1 LP	615	return -EINVAL;
56ebfaf1 LP	616
8b71fce8 LP	617	if (i->tar_job)
	618	return -EBUSY;
	619
56ebfaf1 LP	620	r = free_and_strdup(&i->local, local);
	621	if (r < 0)
	622	return r;
9854730b	623
c40d82ab LP	624	r = free_and_strdup(&i->checksum, checksum);
	625	if (r < 0)
	626	return r;
	627
133b34f6	628	i->flags = flags;
0100b6e1	629	i->verify = verify;
56ebfaf1	630
9854730b	631	/* Set up download job for TAR file */
dc2c282b	632	r = pull_job_new(&i->tar_job, url, i->glue, i);
56ebfaf1 LP	633	if (r < 0)
	634	return r;
	635
dc2c282b	636	i->tar_job->on_finished = tar_pull_job_on_finished;
9854730b	637	i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
c40d82ab	638	i->tar_job->calc_checksum = checksum \|\| IN_SET(verify, IMPORT_VERIFY_CHECKSUM, IMPORT_VERIFY_SIGNATURE);
56ebfaf1	639
83d74112	640	if (!FLAGS_SET(flags, IMPORT_DIRECT)) {
c40d82ab LP	641	r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
	642	if (r < 0)
	643	return r;
	644	}
56ebfaf1	645
133b34f6	646	/* Set up download of checksum/signature files */
c40d82ab LP	647	r = pull_make_verification_jobs(
	648	&i->checksum_job,
	649	&i->signature_job,
	650	verify,
	651	checksum,
	652	url,
	653	i->glue,
	654	tar_pull_job_on_finished,
	655	i);
133b34f6 LP	656	if (r < 0)
	657	return r;
	658
9854730b	659	/* Set up download job for the settings file (.nspawn) */
83d74112	660	if (FLAGS_SET(flags, IMPORT_PULL_SETTINGS)) {
c40d82ab LP	661	r = pull_make_auxiliary_job(
	662	&i->settings_job,
	663	url,
	664	tar_strip_suffixes,
	665	".nspawn",
	666	verify,
	667	i->glue,
	668	tar_pull_job_on_open_disk_settings,
	669	tar_pull_job_on_finished,
	670	i);
9854730b LP	671	if (r < 0)
9854730b LP	672	return r;
9854730b LP	673	}
9854730b LP	674
2d708781 MY	675	PullJob *j;
	676	FOREACH_ARGUMENT(j,
	677	i->tar_job,
	678	i->checksum_job,
	679	i->signature_job,
	680	i->settings_job) {
0100b6e1	681
c40d82ab LP	682	if (!j)
c40d82ab LP	683	continue;
7079cfef	684
c40d82ab	685	j->on_progress = tar_pull_job_on_progress;
83d74112	686	j->sync = FLAGS_SET(flags, IMPORT_SYNC);
0100b6e1	687
c40d82ab	688	r = pull_job_begin(j);
133b34f6 LP	689	if (r < 0)
	690	return r;
	691	}
	692
0100b6e1	693	return 0;
56ebfaf1	694	}