[thirdparty/systemd.git] / src / import / pull-tar.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2015 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <sys/prctl.h>
#include <curl/curl.h>

#include "sd-daemon.h"

#include "btrfs-util.h"
#include "copy.h"
#include "curl-util.h"
#include "hostname-util.h"
#include "import-common.h"
#include "import-util.h"
#include "macro.h"
#include "mkdir.h"
#include "path-util.h"
#include "process-util.h"
#include "pull-common.h"
#include "pull-job.h"
#include "rm-rf.h"
#include "string-util.h"
#include "strv.h"
#include "utf8.h"
#include "util.h"
#include "pull-tar.h"

typedef enum TarProgress {
        TAR_DOWNLOADING,
        TAR_VERIFYING,
        TAR_FINALIZING,
        TAR_COPYING,
} TarProgress;

struct TarPull {
        sd_event *event;
        CurlGlue *glue;

        char *image_root;

        PullJob *tar_job;
        PullJob *settings_job;
        PullJob *checksum_job;
        PullJob *signature_job;

        TarPullFinished on_finished;
        void *userdata;

        char *local;
        bool force_local;
        bool grow_machine_directory;
        bool settings;

        pid_t tar_pid;

        char *final_path;
        char *temp_path;

        char *settings_path;
        char *settings_temp_path;

        ImportVerify verify;
};

TarPull* tar_pull_unref(TarPull *i) {
        if (!i)
                return NULL;

        if (i->tar_pid > 1) {
                (void) kill_and_sigcont(i->tar_pid, SIGKILL);
                (void) wait_for_terminate(i->tar_pid, NULL);
        }

        pull_job_unref(i->tar_job);
        pull_job_unref(i->settings_job);
        pull_job_unref(i->checksum_job);
        pull_job_unref(i->signature_job);

        curl_glue_unref(i->glue);
        sd_event_unref(i->event);

        if (i->temp_path) {
                (void) rm_rf(i->temp_path, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_SUBVOLUME);
                free(i->temp_path);
        }

        if (i->settings_temp_path) {
                (void) unlink(i->settings_temp_path);
                free(i->settings_temp_path);
        }

        free(i->final_path);
        free(i->settings_path);
        free(i->image_root);
        free(i->local);
        free(i);

        return NULL;
}

int tar_pull_new(
                TarPull **ret,
                sd_event *event,
                const char *image_root,
                TarPullFinished on_finished,
                void *userdata) {

        _cleanup_(tar_pull_unrefp) TarPull *i = NULL;
        int r;

        assert(ret);

        i = new0(TarPull, 1);
        if (!i)
                return -ENOMEM;

        i->on_finished = on_finished;
        i->userdata = userdata;

        i->image_root = strdup(image_root ?: "/var/lib/machines");
        if (!i->image_root)
                return -ENOMEM;

        i->grow_machine_directory = path_startswith(i->image_root, "/var/lib/machines");

        if (event)
                i->event = sd_event_ref(event);
        else {
                r = sd_event_default(&i->event);
                if (r < 0)
                        return r;
        }

        r = curl_glue_new(&i->glue, i->event);
        if (r < 0)
                return r;

        i->glue->on_finished = pull_job_curl_on_finished;
        i->glue->userdata = i;

        *ret = i;
        i = NULL;

        return 0;
}

static void tar_pull_report_progress(TarPull *i, TarProgress p) {
        unsigned percent;

        assert(i);

        switch (p) {

        case TAR_DOWNLOADING: {
                unsigned remain = 85;

                percent = 0;

                if (i->settings_job) {
                        percent += i->settings_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->checksum_job) {
                        percent += i->checksum_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->signature_job) {
                        percent += i->signature_job->progress_percent * 5 / 100;
                        remain -= 5;
                }

                if (i->tar_job)
                        percent += i->tar_job->progress_percent * remain / 100;
                break;
        }

        case TAR_VERIFYING:
                percent = 85;
                break;

        case TAR_FINALIZING:
                percent = 90;
                break;

        case TAR_COPYING:
                percent = 95;
                break;

        default:
                assert_not_reached("Unknown progress state");
        }

        sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
        log_debug("Combined progress %u%%", percent);
}

static int tar_pull_make_local_copy(TarPull *i) {
        int r;

        assert(i);
        assert(i->tar_job);

        if (!i->local)
                return 0;

        if (!i->final_path) {
                r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
                if (r < 0)
                        return log_oom();
        }

        r = pull_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
        if (r < 0)
                return r;

        if (i->settings) {
                const char *local_settings;
                assert(i->settings_job);

                if (!i->settings_path) {
                        r = pull_make_path(i->settings_job->url, i->settings_job->etag, i->image_root, ".settings-", NULL, &i->settings_path);
                        if (r < 0)
                                return log_oom();
                }

                local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");

                r = copy_file_atomic(i->settings_path, local_settings, 0664, i->force_local, 0);
                if (r == -EEXIST)
                        log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
                else if (r < 0 && r != -ENOENT)
                        log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
                else
                        log_info("Created new settings file '%s.nspawn'", i->local);
        }

        return 0;
}

static bool tar_pull_is_done(TarPull *i) {
        assert(i);
        assert(i->tar_job);

        if (!PULL_JOB_IS_COMPLETE(i->tar_job))
                return false;
        if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
                return false;
        if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
                return false;
        if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
                return false;

        return true;
}

static void tar_pull_job_on_finished(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        if (j == i->settings_job) {
                if (j->error != 0)
                        log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
        } else if (j->error != 0) {
                if (j == i->checksum_job)
                        log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
                else if (j == i->signature_job)
                        log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
                else
                        log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");

                r = j->error;
                goto finish;
        }

        /* This is invoked if either the download completed
         * successfully, or the download was skipped because we
         * already have the etag. */

        if (!tar_pull_is_done(i))
                return;

        i->tar_job->disk_fd = safe_close(i->tar_job->disk_fd);
        if (i->settings_job)
                i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd);

        if (i->tar_pid > 0) {
                r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
                i->tar_pid = 0;
                if (r < 0)
                        goto finish;
                if (r > 0) {
                        r = -EIO;
                        goto finish;
                }
        }

        if (!i->tar_job->etag_exists) {
                /* This is a new download, verify it, and move it into place */

                tar_pull_report_progress(i, TAR_VERIFYING);

                r = pull_verify(i->tar_job, i->settings_job, i->checksum_job, i->signature_job);
                if (r < 0)
                        goto finish;

                tar_pull_report_progress(i, TAR_FINALIZING);

                r = import_make_read_only(i->temp_path);
                if (r < 0)
                        goto finish;

                r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
                if (r < 0) {
                        log_error_errno(r, "Failed to rename to final image name: %m");
                        goto finish;
                }

                i->temp_path = mfree(i->temp_path);

                if (i->settings_job &&
                    i->settings_job->error == 0 &&
                    !i->settings_job->etag_exists) {

                        assert(i->settings_temp_path);
                        assert(i->settings_path);

                        /* Also move the settings file into place, if
                         * it exist. Note that we do so only if we
                         * also moved the tar file in place, to keep
                         * things strictly in sync. */

                        r = import_make_read_only(i->settings_temp_path);
                        if (r < 0)
                                goto finish;

                        r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path);
                        if (r < 0) {
                                log_error_errno(r, "Failed to rename settings file: %m");
                                goto finish;
                        }

                        i->settings_temp_path = mfree(i->settings_temp_path);
                }
        }

        tar_pull_report_progress(i, TAR_COPYING);

        r = tar_pull_make_local_copy(i);
        if (r < 0)
                goto finish;

        r = 0;

finish:
        if (i->on_finished)
                i->on_finished(i, r, i->userdata);
        else
                sd_event_exit(i->event, r);
}

static int tar_pull_job_on_open_disk_tar(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->tar_job == j);
        assert(!i->final_path);
        assert(!i->temp_path);
        assert(i->tar_pid <= 0);

        r = pull_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
        if (r < 0)
                return log_oom();

        r = tempfn_random(i->final_path, NULL, &i->temp_path);
        if (r < 0)
                return log_oom();

        mkdir_parents_label(i->temp_path, 0700);

        r = btrfs_subvol_make(i->temp_path);
        if (r == -ENOTTY) {
                if (mkdir(i->temp_path, 0755) < 0)
                        return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
        } else if (r < 0)
                return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);
        else
                (void) import_assign_pool_quota_and_warn(i->temp_path);

        j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
        if (j->disk_fd < 0)
                return j->disk_fd;

        return 0;
}

static int tar_pull_job_on_open_disk_settings(PullJob *j) {
        TarPull *i;
        int r;

        assert(j);
        assert(j->userdata);

        i = j->userdata;
        assert(i->settings_job == j);
        assert(!i->settings_path);
        assert(!i->settings_temp_path);

        r = pull_make_path(j->url, j->etag, i->image_root, ".settings-", NULL, &i->settings_path);
        if (r < 0)
                return log_oom();

        r = tempfn_random(i->settings_path, NULL, &i->settings_temp_path);
        if (r < 0)
                return log_oom();

        mkdir_parents_label(i->settings_temp_path, 0700);

        j->disk_fd = open(i->settings_temp_path, O_RDWR|O_CREAT|O_EXCL|O_NOCTTY|O_CLOEXEC, 0664);
        if (j->disk_fd < 0)
                return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);

        return 0;
}

static void tar_pull_job_on_progress(PullJob *j) {
        TarPull *i;

        assert(j);
        assert(j->userdata);

        i = j->userdata;

        tar_pull_report_progress(i, TAR_DOWNLOADING);
}

int tar_pull_start(
                TarPull *i,
                const char *url,
                const char *local,
                bool force_local,
                ImportVerify verify,
                bool settings) {

        int r;

        assert(i);
        assert(verify < _IMPORT_VERIFY_MAX);
        assert(verify >= 0);

        if (!http_url_is_valid(url))
                return -EINVAL;

        if (local && !machine_name_is_valid(local))
                return -EINVAL;

        if (i->tar_job)
                return -EBUSY;

        r = free_and_strdup(&i->local, local);
        if (r < 0)
                return r;

        i->force_local = force_local;
        i->verify = verify;
        i->settings = settings;

        /* Set up download job for TAR file */
        r = pull_job_new(&i->tar_job, url, i->glue, i);
        if (r < 0)
                return r;

        i->tar_job->on_finished = tar_pull_job_on_finished;
        i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
        i->tar_job->on_progress = tar_pull_job_on_progress;
        i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;
        i->tar_job->grow_machine_directory = i->grow_machine_directory;

        r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
        if (r < 0)
                return r;

        /* Set up download job for the settings file (.nspawn) */
        if (settings) {
                r = pull_make_settings_job(&i->settings_job, url, i->glue, tar_pull_job_on_finished, i);
                if (r < 0)
                        return r;

                i->settings_job->on_open_disk = tar_pull_job_on_open_disk_settings;
                i->settings_job->on_progress = tar_pull_job_on_progress;
                i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO;

                r = pull_find_old_etags(i->settings_job->url, i->image_root, DT_REG, ".settings-", NULL, &i->settings_job->old_etags);
                if (r < 0)
                        return r;
        }

        /* Set up download of checksum/signature files */
        r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_pull_job_on_finished, i);
        if (r < 0)
                return r;

        r = pull_job_begin(i->tar_job);
        if (r < 0)
                return r;

        if (i->settings_job) {
                r = pull_job_begin(i->settings_job);
                if (r < 0)
                        return r;
        }

        if (i->checksum_job) {
                i->checksum_job->on_progress = tar_pull_job_on_progress;

                r = pull_job_begin(i->checksum_job);
                if (r < 0)
                        return r;
        }

        if (i->signature_job) {
                i->signature_job->on_progress = tar_pull_job_on_progress;

                r = pull_job_begin(i->signature_job);
                if (r < 0)
                        return r;
        }

        return 0;
}
Commit	Line	Data
56ebfaf1 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2015 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <sys/prctl.h>
	23	#include <curl/curl.h>
	24
7079cfef	25	#include "sd-daemon.h"
07630cea	26
56ebfaf1	27	#include "btrfs-util.h"
07630cea LP	28	#include "copy.h"
	29	#include "curl-util.h"
	30	#include "hostname-util.h"
	31	#include "import-common.h"
	32	#include "import-util.h"
56ebfaf1 LP	33	#include "macro.h"
56ebfaf1 LP	34	#include "mkdir.h"
26166c88	35	#include "path-util.h"
25300b5a	36	#include "process-util.h"
dc2c282b	37	#include "pull-common.h"
07630cea LP	38	#include "pull-job.h"
	39	#include "rm-rf.h"
	40	#include "string-util.h"
	41	#include "strv.h"
	42	#include "utf8.h"
	43	#include "util.h"
dc2c282b	44	#include "pull-tar.h"
56ebfaf1	45
7079cfef LP	46	typedef enum TarProgress {
	47	TAR_DOWNLOADING,
	48	TAR_VERIFYING,
	49	TAR_FINALIZING,
	50	TAR_COPYING,
	51	} TarProgress;
	52
dc2c282b	53	struct TarPull {
56ebfaf1 LP	54	sd_event *event;
	55	CurlGlue *glue;
	56
	57	char *image_root;
	58
dc2c282b	59	PullJob *tar_job;
9854730b	60	PullJob *settings_job;
dc2c282b LP	61	PullJob *checksum_job;
dc2c282b LP	62	PullJob *signature_job;
56ebfaf1	63
dc2c282b	64	TarPullFinished on_finished;
56ebfaf1 LP	65	void *userdata;
56ebfaf1 LP	66
56ebfaf1 LP	67	char *local;
56ebfaf1 LP	68	bool force_local;
26166c88	69	bool grow_machine_directory;
9854730b	70	bool settings;
56ebfaf1 LP	71
	72	pid_t tar_pid;
	73
56ebfaf1	74	char *final_path;
9854730b LP	75	char *temp_path;
	76
	77	char *settings_path;
	78	char *settings_temp_path;
0100b6e1 LP	79
0100b6e1 LP	80	ImportVerify verify;
56ebfaf1 LP	81	};
56ebfaf1 LP	82
dc2c282b	83	TarPull* tar_pull_unref(TarPull *i) {
56ebfaf1 LP	84	if (!i)
	85	return NULL;
	86
0100b6e1	87	if (i->tar_pid > 1) {
8b71fce8	88	(void) kill_and_sigcont(i->tar_pid, SIGKILL);
0100b6e1	89	(void) wait_for_terminate(i->tar_pid, NULL);
56ebfaf1 LP	90	}
56ebfaf1 LP	91
dc2c282b	92	pull_job_unref(i->tar_job);
9854730b	93	pull_job_unref(i->settings_job);
dc2c282b LP	94	pull_job_unref(i->checksum_job);
dc2c282b LP	95	pull_job_unref(i->signature_job);
56ebfaf1 LP	96
	97	curl_glue_unref(i->glue);
	98	sd_event_unref(i->event);
	99
	100	if (i->temp_path) {
d9e2daaf	101	(void) rm_rf(i->temp_path, REMOVE_ROOT\|REMOVE_PHYSICAL\|REMOVE_SUBVOLUME);
0d6e763b	102	free(i->temp_path);
56ebfaf1 LP	103	}
56ebfaf1 LP	104
9854730b LP	105	if (i->settings_temp_path) {
	106	(void) unlink(i->settings_temp_path);
	107	free(i->settings_temp_path);
	108	}
	109
56ebfaf1	110	free(i->final_path);
9854730b	111	free(i->settings_path);
56ebfaf1 LP	112	free(i->image_root);
56ebfaf1 LP	113	free(i->local);
56ebfaf1 LP	114	free(i);
	115
	116	return NULL;
	117	}
	118
dc2c282b LP	119	int tar_pull_new(
dc2c282b LP	120	TarPull **ret,
8b71fce8 LP	121	sd_event *event,
8b71fce8 LP	122	const char *image_root,
dc2c282b	123	TarPullFinished on_finished,
8b71fce8 LP	124	void *userdata) {
8b71fce8 LP	125
dc2c282b	126	_cleanup_(tar_pull_unrefp) TarPull *i = NULL;
56ebfaf1 LP	127	int r;
	128
	129	assert(ret);
56ebfaf1	130
dc2c282b	131	i = new0(TarPull, 1);
56ebfaf1 LP	132	if (!i)
	133	return -ENOMEM;
	134
	135	i->on_finished = on_finished;
	136	i->userdata = userdata;
	137
	138	i->image_root = strdup(image_root ?: "/var/lib/machines");
	139	if (!i->image_root)
	140	return -ENOMEM;
	141
26166c88 LP	142	i->grow_machine_directory = path_startswith(i->image_root, "/var/lib/machines");
26166c88 LP	143
9854730b LP	144	if (event)
	145	i->event = sd_event_ref(event);
	146	else {
	147	r = sd_event_default(&i->event);
	148	if (r < 0)
	149	return r;
	150	}
56ebfaf1 LP	151
	152	r = curl_glue_new(&i->glue, i->event);
	153	if (r < 0)
	154	return r;
	155
dc2c282b	156	i->glue->on_finished = pull_job_curl_on_finished;
56ebfaf1 LP	157	i->glue->userdata = i;
	158
	159	*ret = i;
	160	i = NULL;
	161
	162	return 0;
	163	}
	164
dc2c282b	165	static void tar_pull_report_progress(TarPull *i, TarProgress p) {
7079cfef LP	166	unsigned percent;
	167
	168	assert(i);
	169
	170	switch (p) {
	171
	172	case TAR_DOWNLOADING: {
	173	unsigned remain = 85;
	174
	175	percent = 0;
	176
9854730b LP	177	if (i->settings_job) {
	178	percent += i->settings_job->progress_percent * 5 / 100;
	179	remain -= 5;
	180	}
	181
7079cfef LP	182	if (i->checksum_job) {
	183	percent += i->checksum_job->progress_percent * 5 / 100;
	184	remain -= 5;
	185	}
	186
	187	if (i->signature_job) {
	188	percent += i->signature_job->progress_percent * 5 / 100;
	189	remain -= 5;
	190	}
	191
	192	if (i->tar_job)
	193	percent += i->tar_job->progress_percent * remain / 100;
	194	break;
	195	}
	196
	197	case TAR_VERIFYING:
	198	percent = 85;
	199	break;
	200
	201	case TAR_FINALIZING:
	202	percent = 90;
	203	break;
	204
	205	case TAR_COPYING:
	206	percent = 95;
	207	break;
	208
	209	default:
	210	assert_not_reached("Unknown progress state");
	211	}
	212
	213	sd_notifyf(false, "X_IMPORT_PROGRESS=%u", percent);
	214	log_debug("Combined progress %u%%", percent);
	215	}
	216
dc2c282b	217	static int tar_pull_make_local_copy(TarPull *i) {
0d6e763b LP	218	int r;
	219
	220	assert(i);
	221	assert(i->tar_job);
	222
	223	if (!i->local)
	224	return 0;
	225
	226	if (!i->final_path) {
dc2c282b	227	r = pull_make_path(i->tar_job->url, i->tar_job->etag, i->image_root, ".tar-", NULL, &i->final_path);
0d6e763b LP	228	if (r < 0)
0d6e763b LP	229	return log_oom();
0d6e763b LP	230	}
0d6e763b LP	231
dc2c282b	232	r = pull_make_local_copy(i->final_path, i->image_root, i->local, i->force_local);
0100b6e1 LP	233	if (r < 0)
	234	return r;
	235
9854730b LP	236	if (i->settings) {
	237	const char *local_settings;
	238	assert(i->settings_job);
	239
	240	if (!i->settings_path) {
	241	r = pull_make_path(i->settings_job->url, i->settings_job->etag, i->image_root, ".settings-", NULL, &i->settings_path);
	242	if (r < 0)
	243	return log_oom();
	244	}
	245
	246	local_settings = strjoina(i->image_root, "/", i->local, ".nspawn");
	247
	248	r = copy_file_atomic(i->settings_path, local_settings, 0664, i->force_local, 0);
	249	if (r == -EEXIST)
	250	log_warning_errno(r, "Settings file %s already exists, not replacing.", local_settings);
	251	else if (r < 0 && r != -ENOENT)
79b6198b LP	252	log_warning_errno(r, "Failed to copy settings files %s, ignoring: %m", local_settings);
	253	else
	254	log_info("Created new settings file '%s.nspawn'", i->local);
9854730b LP	255	}
9854730b LP	256
0d6e763b LP	257	return 0;
	258	}
	259
dc2c282b	260	static bool tar_pull_is_done(TarPull *i) {
8b71fce8 LP	261	assert(i);
	262	assert(i->tar_job);
	263
9854730b	264	if (!PULL_JOB_IS_COMPLETE(i->tar_job))
8b71fce8	265	return false;
9854730b	266	if (i->settings_job && !PULL_JOB_IS_COMPLETE(i->settings_job))
8b71fce8	267	return false;
9854730b LP	268	if (i->checksum_job && !PULL_JOB_IS_COMPLETE(i->checksum_job))
	269	return false;
	270	if (i->signature_job && !PULL_JOB_IS_COMPLETE(i->signature_job))
8b71fce8 LP	271	return false;
	272
	273	return true;
	274	}
	275
dc2c282b LP	276	static void tar_pull_job_on_finished(PullJob *j) {
dc2c282b LP	277	TarPull *i;
56ebfaf1 LP	278	int r;
	279
	280	assert(j);
	281	assert(j->userdata);
	282
	283	i = j->userdata;
9854730b LP	284
	285	if (j == i->settings_job) {
	286	if (j->error != 0)
	287	log_info_errno(j->error, "Settings file could not be retrieved, proceeding without.");
	288	} else if (j->error != 0) {
0100b6e1 LP	289	if (j == i->checksum_job)
	290	log_error_errno(j->error, "Failed to retrieve SHA256 checksum, cannot verify. (Try --verify=no?)");
	291	else if (j == i->signature_job)
	292	log_error_errno(j->error, "Failed to retrieve signature file, cannot verify. (Try --verify=no?)");
	293	else
	294	log_error_errno(j->error, "Failed to retrieve image file. (Wrong URL?)");
	295
56ebfaf1 LP	296	r = j->error;
	297	goto finish;
	298	}
	299
	300	/* This is invoked if either the download completed
	301	* successfully, or the download was skipped because we
	302	* already have the etag. */
	303
dc2c282b	304	if (!tar_pull_is_done(i))
0100b6e1 LP	305	return;
0100b6e1 LP	306
9854730b LP	307	i->tar_job->disk_fd = safe_close(i->tar_job->disk_fd);
	308	if (i->settings_job)
	309	i->settings_job->disk_fd = safe_close(i->settings_job->disk_fd);
56ebfaf1 LP	310
	311	if (i->tar_pid > 0) {
	312	r = wait_for_terminate_and_warn("tar", i->tar_pid, true);
	313	i->tar_pid = 0;
	314	if (r < 0)
	315	goto finish;
9854730b LP	316	if (r > 0) {
	317	r = -EIO;
	318	goto finish;
	319	}
56ebfaf1 LP	320	}
56ebfaf1 LP	321
0100b6e1 LP	322	if (!i->tar_job->etag_exists) {
	323	/* This is a new download, verify it, and move it into place */
	324
dc2c282b	325	tar_pull_report_progress(i, TAR_VERIFYING);
7079cfef	326
9854730b	327	r = pull_verify(i->tar_job, i->settings_job, i->checksum_job, i->signature_job);
0100b6e1 LP	328	if (r < 0)
	329	goto finish;
	330
dc2c282b	331	tar_pull_report_progress(i, TAR_FINALIZING);
7079cfef	332
b6e676ce	333	r = import_make_read_only(i->temp_path);
56ebfaf1 LP	334	if (r < 0)
	335	goto finish;
	336
f85ef957 AC	337	r = rename_noreplace(AT_FDCWD, i->temp_path, AT_FDCWD, i->final_path);
	338	if (r < 0) {
	339	log_error_errno(r, "Failed to rename to final image name: %m");
56ebfaf1 LP	340	goto finish;
56ebfaf1 LP	341	}
56ebfaf1	342
9854730b LP	343	i->temp_path = mfree(i->temp_path);
	344
	345	if (i->settings_job &&
	346	i->settings_job->error == 0 &&
	347	!i->settings_job->etag_exists) {
	348
	349	assert(i->settings_temp_path);
	350	assert(i->settings_path);
	351
	352	/* Also move the settings file into place, if
	353	* it exist. Note that we do so only if we
	354	* also moved the tar file in place, to keep
	355	* things strictly in sync. */
	356
	357	r = import_make_read_only(i->settings_temp_path);
	358	if (r < 0)
	359	goto finish;
	360
	361	r = rename_noreplace(AT_FDCWD, i->settings_temp_path, AT_FDCWD, i->settings_path);
	362	if (r < 0) {
	363	log_error_errno(r, "Failed to rename settings file: %m");
	364	goto finish;
	365	}
	366
	367	i->settings_temp_path = mfree(i->settings_temp_path);
	368	}
56ebfaf1 LP	369	}
56ebfaf1 LP	370
dc2c282b	371	tar_pull_report_progress(i, TAR_COPYING);
7079cfef	372
dc2c282b	373	r = tar_pull_make_local_copy(i);
0d6e763b LP	374	if (r < 0)
	375	goto finish;
	376
56ebfaf1 LP	377	r = 0;
	378
	379	finish:
56ebfaf1 LP	380	if (i->on_finished)
	381	i->on_finished(i, r, i->userdata);
	382	else
	383	sd_event_exit(i->event, r);
	384	}
	385
9854730b	386	static int tar_pull_job_on_open_disk_tar(PullJob *j) {
dc2c282b	387	TarPull *i;
56ebfaf1 LP	388	int r;
	389
	390	assert(j);
	391	assert(j->userdata);
	392
	393	i = j->userdata;
8b71fce8 LP	394	assert(i->tar_job == j);
	395	assert(!i->final_path);
	396	assert(!i->temp_path);
	397	assert(i->tar_pid <= 0);
56ebfaf1	398
dc2c282b	399	r = pull_make_path(j->url, j->etag, i->image_root, ".tar-", NULL, &i->final_path);
56ebfaf1 LP	400	if (r < 0)
	401	return log_oom();
	402
14bcf25c	403	r = tempfn_random(i->final_path, NULL, &i->temp_path);
56ebfaf1 LP	404	if (r < 0)
	405	return log_oom();
	406
	407	mkdir_parents_label(i->temp_path, 0700);
	408
	409	r = btrfs_subvol_make(i->temp_path);
	410	if (r == -ENOTTY) {
	411	if (mkdir(i->temp_path, 0755) < 0)
	412	return log_error_errno(errno, "Failed to create directory %s: %m", i->temp_path);
	413	} else if (r < 0)
	414	return log_error_errno(errno, "Failed to create subvolume %s: %m", i->temp_path);
8c9cfc28 LP	415	else
8c9cfc28 LP	416	(void) import_assign_pool_quota_and_warn(i->temp_path);
56ebfaf1	417
587fec42	418	j->disk_fd = import_fork_tar_x(i->temp_path, &i->tar_pid);
2c140ded LP	419	if (j->disk_fd < 0)
2c140ded LP	420	return j->disk_fd;
56ebfaf1 LP	421
	422	return 0;
	423	}
	424
9854730b LP	425	static int tar_pull_job_on_open_disk_settings(PullJob *j) {
	426	TarPull *i;
	427	int r;
	428
	429	assert(j);
	430	assert(j->userdata);
	431
	432	i = j->userdata;
	433	assert(i->settings_job == j);
	434	assert(!i->settings_path);
	435	assert(!i->settings_temp_path);
	436
	437	r = pull_make_path(j->url, j->etag, i->image_root, ".settings-", NULL, &i->settings_path);
	438	if (r < 0)
	439	return log_oom();
	440
	441	r = tempfn_random(i->settings_path, NULL, &i->settings_temp_path);
	442	if (r < 0)
	443	return log_oom();
	444
	445	mkdir_parents_label(i->settings_temp_path, 0700);
	446
	447	j->disk_fd = open(i->settings_temp_path, O_RDWR\|O_CREAT\|O_EXCL\|O_NOCTTY\|O_CLOEXEC, 0664);
	448	if (j->disk_fd < 0)
	449	return log_error_errno(errno, "Failed to create %s: %m", i->settings_temp_path);
	450
	451	return 0;
	452	}
	453
dc2c282b LP	454	static void tar_pull_job_on_progress(PullJob *j) {
dc2c282b LP	455	TarPull *i;
7079cfef LP	456
	457	assert(j);
	458	assert(j->userdata);
	459
	460	i = j->userdata;
	461
dc2c282b	462	tar_pull_report_progress(i, TAR_DOWNLOADING);
7079cfef LP	463	}
7079cfef LP	464
9854730b LP	465	int tar_pull_start(
	466	TarPull *i,
	467	const char *url,
	468	const char *local,
	469	bool force_local,
	470	ImportVerify verify,
	471	bool settings) {
	472
56ebfaf1 LP	473	int r;
	474
	475	assert(i);
9854730b LP	476	assert(verify < _IMPORT_VERIFY_MAX);
9854730b LP	477	assert(verify >= 0);
56ebfaf1	478
56ebfaf1 LP	479	if (!http_url_is_valid(url))
	480	return -EINVAL;
	481
	482	if (local && !machine_name_is_valid(local))
	483	return -EINVAL;
	484
8b71fce8 LP	485	if (i->tar_job)
	486	return -EBUSY;
	487
56ebfaf1 LP	488	r = free_and_strdup(&i->local, local);
	489	if (r < 0)
	490	return r;
9854730b	491
56ebfaf1	492	i->force_local = force_local;
0100b6e1	493	i->verify = verify;
9854730b	494	i->settings = settings;
56ebfaf1	495
9854730b	496	/* Set up download job for TAR file */
dc2c282b	497	r = pull_job_new(&i->tar_job, url, i->glue, i);
56ebfaf1 LP	498	if (r < 0)
	499	return r;
	500
dc2c282b	501	i->tar_job->on_finished = tar_pull_job_on_finished;
9854730b	502	i->tar_job->on_open_disk = tar_pull_job_on_open_disk_tar;
dc2c282b	503	i->tar_job->on_progress = tar_pull_job_on_progress;
0100b6e1	504	i->tar_job->calc_checksum = verify != IMPORT_VERIFY_NO;
26166c88	505	i->tar_job->grow_machine_directory = i->grow_machine_directory;
56ebfaf1	506
dc2c282b	507	r = pull_find_old_etags(url, i->image_root, DT_DIR, ".tar-", NULL, &i->tar_job->old_etags);
56ebfaf1 LP	508	if (r < 0)
	509	return r;
	510
9854730b LP	511	/* Set up download job for the settings file (.nspawn) */
	512	if (settings) {
	513	r = pull_make_settings_job(&i->settings_job, url, i->glue, tar_pull_job_on_finished, i);
	514	if (r < 0)
	515	return r;
	516
	517	i->settings_job->on_open_disk = tar_pull_job_on_open_disk_settings;
	518	i->settings_job->on_progress = tar_pull_job_on_progress;
	519	i->settings_job->calc_checksum = verify != IMPORT_VERIFY_NO;
	520
	521	r = pull_find_old_etags(i->settings_job->url, i->image_root, DT_REG, ".settings-", NULL, &i->settings_job->old_etags);
	522	if (r < 0)
	523	return r;
	524	}
	525
	526	/* Set up download of checksum/signature files */
dc2c282b	527	r = pull_make_verification_jobs(&i->checksum_job, &i->signature_job, verify, url, i->glue, tar_pull_job_on_finished, i);
0100b6e1 LP	528	if (r < 0)
	529	return r;
	530
dc2c282b	531	r = pull_job_begin(i->tar_job);
0100b6e1 LP	532	if (r < 0)
	533	return r;
	534
9854730b LP	535	if (i->settings_job) {
	536	r = pull_job_begin(i->settings_job);
	537	if (r < 0)
	538	return r;
	539	}
	540
0100b6e1	541	if (i->checksum_job) {
dc2c282b	542	i->checksum_job->on_progress = tar_pull_job_on_progress;
7079cfef	543
dc2c282b	544	r = pull_job_begin(i->checksum_job);
0100b6e1 LP	545	if (r < 0)
	546	return r;
	547	}
	548
	549	if (i->signature_job) {
dc2c282b	550	i->signature_job->on_progress = tar_pull_job_on_progress;
7079cfef	551
dc2c282b	552	r = pull_job_begin(i->signature_job);
0100b6e1 LP	553	if (r < 0)
	554	return r;
	555	}
	556
	557	return 0;
56ebfaf1	558	}