shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-31 14:50:15 +03:00
Code

importd: drop dkr support

Browse Source 
The current code is not compatible with current dkr protocols anyway,
and dkr has a different focus ("microservices") than nspawn anyway
("whole machine containers"), hence drop support for it, we cannot
reasonably keep this up to date, and it creates the impression we'd
actually care for the microservices usecase.
This commit is contained in:
Lennart Poettering 2015-12-10 12:40:04 +01:00
parent 4d3f0f66e6
commit b43d75c378
14 changed files with 16 additions and 1862 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.am
View File

@ -5021,8 +5021,6 @@ systemd_pull_SOURCES = \
src/import/pull-raw.h \
src/import/pull-tar.c \
src/import/pull-tar.h \
src/import/pull-dkr.c \
src/import/pull-dkr.h \
src/import/pull-job.c \
src/import/pull-job.h \
src/import/pull-common.c \

4
TODO
View File

@ -600,8 +600,6 @@ Features:
removed or added to an existing machine
- "machinectl migrate" or similar to copy a container from or to a
difference host, via ssh
- man: document how update dkr images works with machinectl
http://lists.freedesktop.org/archives/systemd-devel/2015-February/028630.html
- introduce systemd-nspawn-ephemeral@.service, and hook it into
"machinectl start" with a new --ephemeral switch
- "machinectl status" should also show internal logs of the container in
@ -614,8 +612,6 @@ Features:
shell in it, and marks it read-only after use
* importd:
- dkr: support tarsum checksum verification, if it becomes reality one day...
- dkr: convert json bits to nspawn configuration
- generate a nice warning if mkfs.btrfs is missing
* cryptsetup:

9
configure.ac
View File

@ -1440,14 +1440,6 @@ AC_ARG_ENABLE([split-usr],
enable_split_usr=no
])])
AC_ARG_WITH([dkr-index-url],
[AS_HELP_STRING([--dkr-index-url=URL], [Specify the default index URL to use for image downloads])],
[DEFAULT_DKR_INDEX_URL="\"$withval\""],
[DEFAULT_DKR_INDEX_URL="NULL"])
AC_DEFINE_UNQUOTED(DEFAULT_DKR_INDEX_URL, [$DEFAULT_DKR_INDEX_URL], [Default index URL to use for image downloads])
AC_SUBST(DEFAULT_DKR_INDEX_URL)
AS_IF([test "x${enable_split_usr}" = "xyes"], [
AC_DEFINE(HAVE_SPLIT_USR, 1, [Define if /bin, /sbin aren't symlinks into /usr])
])
@ -1616,7 +1608,6 @@ AC_MSG_RESULT([
Maximum System UID: ${SYSTEM_UID_MAX}
Maximum System GID: ${SYSTEM_GID_MAX}
Certificate root: ${CERTIFICATEROOT}
Default dkr Index ${DEFAULT_DKR_INDEX_URL}
CFLAGS: ${OUR_CFLAGS} ${CFLAGS}
CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS}

70
man/machinectl.xml
View File

@ -264,16 +264,6 @@
image.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--dkr-index-url</option></term>
<listitem><para>Specifies the index server to use for
downloading <literal>dkr</literal> images with the
<command>pull-dkr</command>. Takes a
<literal>http://</literal>, <literal>https://</literal>
URL.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--format=</option></term>
@ -760,42 +750,6 @@
below.</para></listitem>
</varlistentry>
<varlistentry>
<term><command>pull-dkr</command> <replaceable>REMOTE</replaceable> [<replaceable>NAME</replaceable>]</term>
<listitem><para>Downloads a <literal>dkr</literal> container
image and makes it available locally. The remote name refers
to a <literal>dkr</literal> container name. If omitted, the
local machine name is derived from the <literal>dkr</literal>
container name.</para>
<para>Image verification is not available for
<literal>dkr</literal> containers, and thus
<option>--verify=no</option> must always be specified with
this command.</para>
<para>This command downloads all (missing) layers for the
specified container and places them in read-only subvolumes in
<filename>/var/lib/machines/</filename>. A writable snapshot
of the newest layer is then created under the specified local
machine name. To omit creation of this writable snapshot, pass
<literal>-</literal> as local machine name.</para>
<para>The read-only layer subvolumes are prefixed with
<filename>.dkr-</filename>, and thus not shown by
<command>list-images</command>, unless <option>--all</option>
is passed.</para>
<para>To specify the <literal>dkr</literal> index server to
use for looking up the specified container, use
<option>--dkr-index-url=</option>.</para>
<para>Note that pressing C-c during execution of this command
will not abort the download. Use
<command>cancel-transfer</command>, described
below.</para></listitem>
</varlistentry>
<varlistentry>
<term><command>import-tar</command> <replaceable>FILE</replaceable> [<replaceable>NAME</replaceable>]</term>
<term><command>import-raw</command> <replaceable>FILE</replaceable> [<replaceable>NAME</replaceable>]</term>
@ -926,12 +880,12 @@
<para>Note that many image operations are only supported,
efficient or atomic on btrfs file systems. Due to this, if the
<command>pull-tar</command>, <command>pull-raw</command>,
<command>pull-dkr</command>, <command>import-tar</command>,
<command>import-raw</command> and <command>set-limit</command>
commands notice that <filename>/var/lib/machines</filename> is
empty and not located on btrfs, they will implicitly set up a
loopback file <filename>/var/lib/machines.raw</filename>
containing a btrfs file system that is mounted to
<command>import-tar</command>, <command>import-raw</command> and
<command>set-limit</command> commands notice that
<filename>/var/lib/machines</filename> is empty and not located on
btrfs, they will implicitly set up a loopback file
<filename>/var/lib/machines.raw</filename> containing a btrfs file
system that is mounted to
<filename>/var/lib/machines</filename>. The size of this loopback
file may be controlled dynamically with
<command>set-limit</command>.</para>
@ -994,18 +948,6 @@
login prompt into the container is requested.</para>
</example>
<example>
<title>Download a Fedora <literal>dkr</literal> image</title>
<programlisting># machinectl pull-dkr --verify=no mattdm/fedora
# systemd-nspawn -M fedora</programlisting>
<para>Downloads a <literal>dkr</literal> image and opens a shell
in it. Note that the specified download command might require an
index server to be specified with the
<literal>--dkr-index-url=</literal>.</para>
</example>
<example>
<title>Exports a container image as tar file</title>

2
shell-completion/bash/machinectl
View File

@ -40,7 +40,7 @@ _machinectl() {
)
local -A VERBS=(
[STANDALONE]='list list-images pull-tar pull-raw pull-dkr import-tar import-raw export-tar export-raw list-transfers cancel-transfer'
[STANDALONE]='list list-images pull-tar pull-raw import-tar import-raw export-tar export-raw list-transfers cancel-transfer'
[MACHINES]='status show start login shell enable disable poweroff reboot terminate kill copy-to copy-from image-status show-image clone rename read-only remove set-limit'
)

4
shell-completion/zsh/_machinectl
View File

@ -44,7 +44,6 @@ _available_machines() {
"pull-tar:Download a TAR container image"
"pull-raw:Download a RAW container or VM image"
"pull-dkr:Download a DKR container image"
"list-transfers:Show list of downloads in progress"
"cancel-transfer:Cancel a download"
)
@ -57,7 +56,7 @@ _available_machines() {
if (( $#cmd )); then
if (( CURRENT == 2 )); then
case $cmd in
list*|cancel-transfer|pull-tar|pull-raw|pull-dkr)
list*|cancel-transfer|pull-tar|pull-raw)
msg="no options" ;;
start)
_available_machines ;;
@ -97,5 +96,4 @@ _arguments \
{-o+,--output=}'[Change journal output mode.]:output modes:_sd_outputmodes' \
'--verify=[Verification mode for downloaded images.]:verify:(no checksum signature)' \
'--force[Download image even if already exists.]' \
'--dkr-index-url=[Specify the index URL to use for DKR image downloads.]' \
'*::machinectl command:_machinectl_command'

123
src/import/importd.c
View File

@ -55,7 +55,6 @@ typedef enum TransferType {
TRANSFER_EXPORT_RAW,
TRANSFER_PULL_TAR,
TRANSFER_PULL_RAW,
TRANSFER_PULL_DKR,
_TRANSFER_TYPE_MAX,
_TRANSFER_TYPE_INVALID = -1,
} TransferType;
@ -74,7 +73,6 @@ struct Transfer {
bool force_local;
bool read_only;
char *dkr_index_url;
char *format;
pid_t pid;
@ -117,7 +115,6 @@ static const char* const transfer_type_table[_TRANSFER_TYPE_MAX] = {
[TRANSFER_EXPORT_RAW] = "export-raw",
[TRANSFER_PULL_TAR] = "pull-tar",
[TRANSFER_PULL_RAW] = "pull-raw",
[TRANSFER_PULL_DKR] = "pull-dkr",
};
DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING(transfer_type, TransferType);
@ -134,7 +131,6 @@ static Transfer *transfer_unref(Transfer *t) {
free(t->remote);
free(t->local);
free(t->dkr_index_url);
free(t->format);
free(t->object_path);
@ -383,12 +379,11 @@ static int transfer_start(Transfer *t) {
if (t->pid == 0) {
const char *cmd[] = {
NULL, /* systemd-import, systemd-export or systemd-pull */
NULL, /* tar, raw, dkr */
NULL, /* tar, raw */
NULL, /* --verify= */
NULL, /* verify argument */
NULL, /* maybe --force */
NULL, /* maybe --read-only */
NULL, /* maybe --dkr-index-url */
NULL, /* if so: the actual URL */
NULL, /* maybe --format= */
NULL, /* if so: the actual format */
@ -471,10 +466,8 @@ static int transfer_start(Transfer *t) {
if (IN_SET(t->type, TRANSFER_IMPORT_TAR, TRANSFER_EXPORT_TAR, TRANSFER_PULL_TAR))
cmd[k++] = "tar";
else if (IN_SET(t->type, TRANSFER_IMPORT_RAW, TRANSFER_EXPORT_RAW, TRANSFER_PULL_RAW))
cmd[k++] = "raw";
else
cmd[k++] = "dkr";
cmd[k++] = "raw";
if (t->verify != _IMPORT_VERIFY_INVALID) {
cmd[k++] = "--verify";
@ -486,11 +479,6 @@ static int transfer_start(Transfer *t) {
if (t->read_only)
cmd[k++] = "--read-only";
if (t->dkr_index_url) {
cmd[k++] = "--dkr-index-url";
cmd[k++] = t->dkr_index_url;
}
if (t->format) {
cmd[k++] = "--format";
cmd[k++] = t->format;
@ -707,7 +695,7 @@ static int manager_new(Manager **ret) {
return 0;
}
static Transfer *manager_find(Manager *m, TransferType type, const char *dkr_index_url, const char *remote) {
static Transfer *manager_find(Manager *m, TransferType type, const char *remote) {
Transfer *t;
Iterator i;
@ -718,8 +706,7 @@ static Transfer *manager_find(Manager *m, TransferType type, const char *dkr_ind
HASHMAP_FOREACH(t, m->transfers, i) {
if (t->type == type &&
streq_ptr(t->remote, remote) &&
streq_ptr(t->dkr_index_url, dkr_index_url))
streq_ptr(t->remote, remote))
return t;
}
@ -907,7 +894,7 @@ static int method_pull_tar_or_raw(sd_bus_message *msg, void *userdata, sd_bus_er
type = streq_ptr(sd_bus_message_get_member(msg), "PullTar") ? TRANSFER_PULL_TAR : TRANSFER_PULL_RAW;
if (manager_find(m, type, NULL, remote))
if (manager_find(m, type, remote))
return sd_bus_error_setf(error, BUS_ERROR_TRANSFER_IN_PROGRESS, "Transfer for %s already in progress.", remote);
r = transfer_new(m, &t);
@ -939,105 +926,6 @@ static int method_pull_tar_or_raw(sd_bus_message *msg, void *userdata, sd_bus_er
return sd_bus_reply_method_return(msg, "uo", id, object);
}
static int method_pull_dkr(sd_bus_message *msg, void *userdata, sd_bus_error *error) {
_cleanup_(transfer_unrefp) Transfer *t = NULL;
const char *index_url, *remote, *tag, *local, *verify, *object;
Manager *m = userdata;
ImportVerify v;
int force, r;
uint32_t id;
assert(msg);
assert(m);
r = bus_verify_polkit_async(
msg,
CAP_SYS_ADMIN,
"org.freedesktop.import1.pull",
NULL,
false,
UID_INVALID,
&m->polkit_registry,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
r = sd_bus_message_read(msg, "sssssb", &index_url, &remote, &tag, &local, &verify, &force);
if (r < 0)
return r;
if (isempty(index_url))
index_url = DEFAULT_DKR_INDEX_URL;
if (!index_url)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Index URL must be specified.");
if (!http_url_is_valid(index_url))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Index URL %s is invalid", index_url);
if (!dkr_name_is_valid(remote))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Remote name %s is not valid", remote);
if (isempty(tag))
tag = "latest";
else if (!dkr_tag_is_valid(tag))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Tag %s is not valid", tag);
if (isempty(local))
local = NULL;
else if (!machine_name_is_valid(local))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Local name %s is invalid", local);
if (isempty(verify))
v = IMPORT_VERIFY_SIGNATURE;
else
v = import_verify_from_string(verify);
if (v < 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unknown verification mode %s", verify);
if (v != IMPORT_VERIFY_NO)
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "DKR does not support verification.");
r = setup_machine_directory((uint64_t) -1, error);
if (r < 0)
return r;
if (manager_find(m, TRANSFER_PULL_DKR, index_url, remote))
return sd_bus_error_setf(error, BUS_ERROR_TRANSFER_IN_PROGRESS, "Transfer for %s already in progress.", remote);
r = transfer_new(m, &t);
if (r < 0)
return r;
t->type = TRANSFER_PULL_DKR;
t->verify = v;
t->force_local = force;
t->dkr_index_url = strdup(index_url);
if (!t->dkr_index_url)
return -ENOMEM;
t->remote = strjoin(remote, ":", tag, NULL);
if (!t->remote)
return -ENOMEM;
if (local) {
t->local = strdup(local);
if (!t->local)
return -ENOMEM;
}
r = transfer_start(t);
if (r < 0)
return r;
object = t->object_path;
id = t->id;
t = NULL;
return sd_bus_reply_method_return(msg, "uo", id, object);
}
static int method_list_transfers(sd_bus_message *msg, void *userdata, sd_bus_error *error) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
Manager *m = userdata;
@ -1188,7 +1076,6 @@ static const sd_bus_vtable manager_vtable[] = {
SD_BUS_METHOD("ExportRaw", "shs", "uo", method_export_tar_or_raw, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("PullTar", "sssb", "uo", method_pull_tar_or_raw, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("PullRaw", "sssb", "uo", method_pull_tar_or_raw, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("PullDkr", "sssssb", "uo", method_pull_dkr, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("ListTransfers", NULL, "a(usssdo)", method_list_transfers, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("CancelTransfer", "u", NULL, method_cancel_transfer, SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_SIGNAL("TransferNew", "uo", 0),

4
src/import/org.freedesktop.import1.conf
View File

@ -52,10 +52,6 @@
send_interface="org.freedesktop.import1.Manager"
send_member="PullRaw"/>
<allow send_destination="org.freedesktop.import1"
send_interface="org.freedesktop.import1.Manager"
send_member="PullDkr"/>
<allow send_destination="org.freedesktop.import1"
send_interface="org.freedesktop.import1.Transfer"
send_member="Cancel"/>

1346
src/import/pull-dkr.c
View File

File diff suppressed because it is too large Load Diff

38
src/import/pull-dkr.h
View File

@ -1,38 +0,0 @@
/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
/***
This file is part of systemd.
Copyright 2014 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
#pragma once
#include "sd-event.h"
#include "util.h"
typedef enum { DKR_PULL_V1, DKR_PULL_V2 } DkrPullVersion;
typedef struct DkrPull DkrPull;
typedef void (*DkrPullFinished)(DkrPull *pull, int error, void *userdata);
int dkr_pull_new(DkrPull **pull, sd_event *event, const char *index_url, const char *image_root, DkrPullFinished on_finished, void *userdata);
DkrPull* dkr_pull_unref(DkrPull *pull);
DEFINE_TRIVIAL_CLEANUP_FUNC(DkrPull*, dkr_pull_unref);
int dkr_pull_start(DkrPull *pull, const char *name, const char *tag, const char *local, bool force_local, DkrPullVersion version);

128
src/import/pull.c
View File

@ -28,7 +28,6 @@
#include "import-util.h"
#include "machine-image.h"
#include "parse-util.h"
#include "pull-dkr.h"
#include "pull-raw.h"
#include "pull-tar.h"
#include "signal-util.h"
@ -39,7 +38,6 @@
static bool arg_force = false;
static const char *arg_image_root = "/var/lib/machines";
static ImportVerify arg_verify = IMPORT_VERIFY_SIGNATURE;
static const char* arg_dkr_index_url = DEFAULT_DKR_INDEX_URL;
static bool arg_settings = true;
static int interrupt_signal_handler(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
@ -220,114 +218,6 @@ static int pull_raw(int argc, char *argv[], void *userdata) {
return -r;
}
static void on_dkr_finished(DkrPull *pull, int error, void *userdata) {
sd_event *event = userdata;
assert(pull);
if (error == 0)
log_info("Operation completed successfully.");
sd_event_exit(event, abs(error));
}
static int pull_dkr(int argc, char *argv[], void *userdata) {
_cleanup_(dkr_pull_unrefp) DkrPull *pull = NULL;
_cleanup_(sd_event_unrefp) sd_event *event = NULL;
const char *name, *reference, *local, *digest;
int r;
if (!arg_dkr_index_url) {
log_error("Please specify an index URL with --dkr-index-url=");
return -EINVAL;
}
if (arg_verify != IMPORT_VERIFY_NO) {
log_error("Pulls from dkr do not support image verification, please pass --verify=no.");
return -EINVAL;
}
digest = strchr(argv[1], '@');
if (digest) {
reference = digest + 1;
name = strndupa(argv[1], digest - argv[1]);
} else {
reference = strchr(argv[1], ':');
if (reference) {
name = strndupa(argv[1], reference - argv[1]);
reference++;
} else {
name = argv[1];
reference = "latest";
}
}
if (!dkr_name_is_valid(name)) {
log_error("Remote name '%s' is not valid.", name);
return -EINVAL;
}
if (!dkr_ref_is_valid(reference)) {
log_error("Tag name '%s' is not valid.", reference);
return -EINVAL;
}
if (argc >= 3)
local = argv[2];
else {
local = strchr(name, '/');
if (local)
local++;
else
local = name;
}
if (isempty(local) || streq(local, "-"))
local = NULL;
if (local) {
if (!machine_name_is_valid(local)) {
log_error("Local image name '%s' is not valid.", local);
return -EINVAL;
}
if (!arg_force) {
r = image_find(local, NULL);
if (r < 0)
return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
else if (r > 0) {
log_error_errno(EEXIST, "Image '%s' already exists.", local);
return -EEXIST;
}
}
log_info("Pulling '%s' with reference '%s', saving as '%s'.", name, reference, local);
} else
log_info("Pulling '%s' with reference '%s'.", name, reference);
r = sd_event_default(&event);
if (r < 0)
return log_error_errno(r, "Failed to allocate event loop: %m");
assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGTERM, SIGINT, -1) >= 0);
(void) sd_event_add_signal(event, NULL, SIGTERM, interrupt_signal_handler, NULL);
(void) sd_event_add_signal(event, NULL, SIGINT, interrupt_signal_handler, NULL);
r = dkr_pull_new(&pull, event, arg_dkr_index_url, arg_image_root, on_dkr_finished, event);
if (r < 0)
return log_error_errno(r, "Failed to allocate puller: %m");
r = dkr_pull_start(pull, name, reference, local, arg_force, DKR_PULL_V2);
if (r < 0)
return log_error_errno(r, "Failed to pull image: %m");
r = sd_event_loop(event);
if (r < 0)
return log_error_errno(r, "Failed to run event loop: %m");
log_info("Exiting.");
return -r;
}
static int help(int argc, char *argv[], void *userdata) {
printf("%s [OPTIONS...] {COMMAND} ...\n\n"
@ -338,12 +228,10 @@ static int help(int argc, char *argv[], void *userdata) {
" --verify=MODE Verify downloaded image, one of: 'no',\n"
" 'checksum', 'signature'\n"
" --settings=BOOL Download settings file with image\n"
" --image-root=PATH Image root directory\n"
" --dkr-index-url=URL Specify index URL to use for downloads\n\n"
" --image-root=PATH Image root directory\n\n"
"Commands:\n"
" tar URL [NAME] Download a TAR image\n"
" raw URL [NAME] Download a RAW image\n"
" dkr REMOTE [NAME] Download a DKR image\n",
" raw URL [NAME] Download a RAW image\n",
program_invocation_short_name);
return 0;
@ -354,7 +242,6 @@ static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_FORCE,
ARG_DKR_INDEX_URL,
ARG_IMAGE_ROOT,
ARG_VERIFY,
ARG_SETTINGS,
@ -364,7 +251,6 @@ static int parse_argv(int argc, char *argv[]) {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "force", no_argument, NULL, ARG_FORCE },
{ "dkr-index-url", required_argument, NULL, ARG_DKR_INDEX_URL },
{ "image-root", required_argument, NULL, ARG_IMAGE_ROOT },
{ "verify", required_argument, NULL, ARG_VERIFY },
{ "settings", required_argument, NULL, ARG_SETTINGS },
@ -390,15 +276,6 @@ static int parse_argv(int argc, char *argv[]) {
arg_force = true;
break;
case ARG_DKR_INDEX_URL:
if (!http_url_is_valid(optarg)) {
log_error("Index URL is not valid: %s", optarg);
return -EINVAL;
}
arg_dkr_index_url = optarg;
break;
case ARG_IMAGE_ROOT:
arg_image_root = optarg;
break;
@ -436,7 +313,6 @@ static int pull_main(int argc, char *argv[]) {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "tar", 2, 3, 0, pull_tar },
{ "raw", 2, 3, 0, pull_raw },
{ "dkr", 2, 3, 0, pull_dkr },
{}
};

90
src/machine/machinectl.c
View File

@ -78,7 +78,6 @@ static unsigned arg_lines = 10;
static OutputMode arg_output = OUTPUT_SHORT;
static bool arg_force = false;
static ImportVerify arg_verify = IMPORT_VERIFY_SIGNATURE;
static const char* arg_dkr_index_url = NULL;
static const char* arg_format = NULL;
static const char *arg_uid = NULL;
static char **arg_setenv = NULL;
@ -2166,78 +2165,6 @@ static int pull_raw(int argc, char *argv[], void *userdata) {
return transfer_image_common(bus, m);
}
static int pull_dkr(int argc, char *argv[], void *userdata) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
const char *local, *remote, *tag;
sd_bus *bus = userdata;
int r;
if (arg_verify != IMPORT_VERIFY_NO) {
log_error("Imports from DKR do not support image verification, please pass --verify=no.");
return -EINVAL;
}
remote = argv[1];
tag = strchr(remote, ':');
if (tag) {
remote = strndupa(remote, tag - remote);
tag++;
}
if (!dkr_name_is_valid(remote)) {
log_error("DKR name '%s' is invalid.", remote);
return -EINVAL;
}
if (tag && !dkr_tag_is_valid(tag)) {
log_error("DKR tag '%s' is invalid.", remote);
return -EINVAL;
}
if (argc >= 3)
local = argv[2];
else {
local = strchr(remote, '/');
if (local)
local++;
else
local = remote;
}
if (isempty(local) || streq(local, "-"))
local = NULL;
if (local) {
if (!machine_name_is_valid(local)) {
log_error("Local name %s is not a suitable machine name.", local);
return -EINVAL;
}
}
r = sd_bus_message_new_method_call(
bus,
&m,
"org.freedesktop.import1",
"/org/freedesktop/import1",
"org.freedesktop.import1.Manager",
"PullDkr");
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_append(
m,
"sssssb",
arg_dkr_index_url,
remote,
tag,
local,
import_verify_to_string(arg_verify),
arg_force);
if (r < 0)
return bus_log_create_error(r);
return transfer_image_common(bus, m);
}
typedef struct TransferInfo {
uint32_t id;
const char *type;
@ -2452,9 +2379,7 @@ static int help(int argc, char *argv[], void *userdata) {
" json-pretty, json-sse, cat)\n"
" --verify=MODE Verification mode for downloaded images (no,\n"
" checksum, signature)\n"
" --force Download image even if already exists\n"
" --dkr-index-url=URL Specify the index URL to use for DKR image\n"
" downloads\n\n"
" --force Download image even if already exists\n\n"
"Machine Commands:\n"
" list List running VMs and containers\n"
" status NAME... Show VM/container details\n"
@ -2486,7 +2411,6 @@ static int help(int argc, char *argv[], void *userdata) {
"Image Transfer Commands:\n"
" pull-tar URL [NAME] Download a TAR container image\n"
" pull-raw URL [NAME] Download a RAW container or VM image\n"
" pull-dkr REMOTE [NAME] Download a DKR container image\n"
" import-tar FILE [NAME] Import a local TAR container image\n"
" import-raw FILE [NAME] Import a local RAW container or VM image\n"
" export-tar NAME [FILE] Export a TAR container image locally\n"
@ -2510,7 +2434,6 @@ static int parse_argv(int argc, char *argv[]) {
ARG_NO_ASK_PASSWORD,
ARG_VERIFY,
ARG_FORCE,
ARG_DKR_INDEX_URL,
ARG_FORMAT,
ARG_UID,
ARG_SETENV,
@ -2536,7 +2459,6 @@ static int parse_argv(int argc, char *argv[]) {
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "verify", required_argument, NULL, ARG_VERIFY },
{ "force", no_argument, NULL, ARG_FORCE },
{ "dkr-index-url", required_argument, NULL, ARG_DKR_INDEX_URL },
{ "format", required_argument, NULL, ARG_FORMAT },
{ "uid", required_argument, NULL, ARG_UID },
{ "setenv", required_argument, NULL, ARG_SETENV },
@ -2650,15 +2572,6 @@ static int parse_argv(int argc, char *argv[]) {
arg_force = true;
break;
case ARG_DKR_INDEX_URL:
if (!http_url_is_valid(optarg)) {
log_error("Index URL is invalid: %s", optarg);
return -EINVAL;
}
arg_dkr_index_url = optarg;
break;
case ARG_FORMAT:
if (!STR_IN_SET(optarg, "uncompressed", "xz", "gzip", "bzip2")) {
log_error("Unknown format: %s", optarg);
@ -2725,7 +2638,6 @@ static int machinectl_main(int argc, char *argv[], sd_bus *bus) {
{ "export-raw", 2, 3, 0, export_raw },
{ "pull-tar", 2, 3, 0, pull_tar },
{ "pull-raw", 2, 3, 0, pull_raw },
{ "pull-dkr", 2, 3, 0, pull_dkr },
{ "list-transfers", VERB_ANY, 1, 0, list_transfers },
{ "cancel-transfer", 2, VERB_ANY, 0, cancel_transfer },
{ "set-limit", 2, 3, 0, set_limit },

52
src/shared/import-util.c
View File

@ -160,58 +160,6 @@ int raw_strip_suffixes(const char *p, char **ret) {
return 0;
}
bool dkr_digest_is_valid(const char *digest) {
/* 7 chars for prefix, 64 chars for the digest itself */
if (strlen(digest) != 71)
return false;
return startswith(digest, "sha256:") && in_charset(digest + 7, "0123456789abcdef");
}
bool dkr_ref_is_valid(const char *ref) {
const char *colon;
if (isempty(ref))
return false;
colon = strchr(ref, ':');
if (!colon)
return filename_is_valid(ref);
return dkr_digest_is_valid(ref);
}
bool dkr_name_is_valid(const char *name) {
const char *slash, *p;
if (isempty(name))
return false;
slash = strchr(name, '/');
if (!slash)
return false;
if (!filename_is_valid(slash + 1))
return false;
p = strndupa(name, slash - name);
if (!filename_is_valid(p))
return false;
return true;
}
bool dkr_id_is_valid(const char *id) {
if (!filename_is_valid(id))
return false;
if (!in_charset(id, "0123456789abcdef"))
return false;
return true;
}
int import_assign_pool_quota_and_warn(const char *path) {
int r;

6
src/shared/import-util.h
View File

@ -42,10 +42,4 @@ ImportVerify import_verify_from_string(const char *s) _pure_;
int tar_strip_suffixes(const char *name, char **ret);
int raw_strip_suffixes(const char *name, char **ret);
bool dkr_name_is_valid(const char *name);
bool dkr_id_is_valid(const char *id);
bool dkr_ref_is_valid(const char *ref);
bool dkr_digest_is_valid(const char *digest);
#define dkr_tag_is_valid(tag) filename_is_valid(tag)
int import_assign_pool_quota_and_warn(const char *path);