Subject: [bug#36846] [PATCH] machine: Implement safety checks.
From: zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze)
Date: Mon, 29 Jul 2019 18:37:43 -0400

* gnu/machine/ssh.scm (machine-check-file-system-availability)
(machine-check-initrd-modules, check-deployment-sanity): New variable.
(deploy-managed-host): Perform safety checks before deploying.
--- gnu/machine/ssh.scm | 128 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 127 insertions(+), 1 deletion(-) diff --git a/gnu/machine/ssh.scm b/gnu/machine/ssh.scm index 552eafa9de..1f44783a6c 100644 --- a/gnu/machine/ssh.scm +++ b/gnu/machine/ssh.scm @@ -20,6 +20,9 @@ #:use-module (gnu machine) #:autoload (gnu packages gnupg) (guile-gcrypt) #:use-module (gnu system) + #:use-module (gnu system file-systems) + #:use-module (gnu system uuid) + #:use-module (guix diagnostics) #:use-module (guix gexp) #:use-module (guix i18n) #:use-module (guix modules) @@ -29,6 +32,7 @@ #:use-module (guix scripts system reconfigure) #:use-module (guix ssh) #:use-module (guix store) + #:use-module (guix utils) #:use-module (ice-9 match) #:use-module (srfi srfi-19) #:use-module (srfi srfi-26) 
@@ -98,6 +102,127 @@ an environment type of 'managed-host." (maybe-raise-unsupported-configuration-error machine) (remote-eval exp (machine-ssh-session machine))) + +;;; +;;; Safety checks. +;;; + +(define (machine-check-file-system-availability machine) + "Raise a '&message' error condition if any of the file-systems specified in +MACHINE's 'system' declaration do not exist on the machine." + (define file-systems + (filter (lambda (fs) + (and (file-system-mount? fs) + (not (member (file-system-type fs) + %pseudo-file-system-types)) + (not (memq 'bind-mount (file-system-flags fs))))) + (operating-system-file-systems (machine-system machine)))) + + (define (check-literal-file-system fs) + (define remote-exp + #~(catch 'system-error + (lambda () + (stat #$(file-system-device fs)) + #t) + (lambda args + (system-error-errno args)))) + + (mlet %store-monad ((errno (machine-remote-eval machine remote-exp))) + (when (number? errno) + (raise (condition + (&message (message (format #f (G_ "device '~a' not found: ~a") + (file-system-device fs) + (strerror errno))))))) + (return #t))) + + (define (check-labeled-file-system fs) + (define remote-exp + (with-imported-modules '((gnu build file-systems)) + #~(begin + (use-modules (gnu build file-systems)) + (find-partition-by-label #$(file-system-label->string + (file-system-device fs)))))) + + (mlet %store-monad ((result (machine-remote-eval machine remote-exp))) + (unless result + (raise (condition (&message + (message (format #f (G_ "no file system with label '~a'") + (file-system-label->string + (file-system-device fs)))))))) + (return #t))) + + (define (check-uuid-file-system fs) + (define remote-exp + (with-imported-modules '((gnu build file-systems)) + #~(begin + (use-modules (gnu build file-systems)) + (find-partition-by-uuid #$(file-system-device fs))))) + + (mlet %store-monad ((result (machine-remote-eval machine remote-exp))) + (unless result + (raise (condition (&message + (message (format #f (G_ "no file system with 
UUID '~a'") + (uuid->string (file-system-device fs)))))))) + (return #t))) + + (mbegin %store-monad + (mapm %store-monad check-literal-file-system + (filter (lambda (fs) + (string? (file-system-device fs))) + file-systems)) + (mapm %store-monad check-labeled-file-system + (filter (lambda (fs) + (file-system-label? (file-system-device fs))) + file-systems)) + (mapm %store-monad check-uuid-file-system + (filter (lambda (fs) + (uuid? (file-system-device fs))) + file-systems)))) + +(define (machine-check-initrd-modules machine) + "Raise a '&message' error condition if any of the modules needed by +'needed-for-boot' file systems in MACHINE are not available in the initrd." + (define file-systems + (filter file-system-needed-for-boot? + (operating-system-file-systems (machine-system machine)))) + + (define (missing-modules fs) + (define remote-exp + (let ((device (file-system-device fs))) + (with-imported-modules (source-module-closure + '((gnu build linux-modules))) + #~(begin + (use-modules (gnu build linux-modules)) + + (define dev + #$(cond ((string? device) device) + ((uuid? device) #~(find-partition-by-uuid #$device)) + ((file-system-label? device) + #~(find-partition-by-label + (file-system-label->string #$device))))) + + (missing-modules dev '#$(operating-system-initrd-modules + (machine-system machine))))))) + (mlet %store-monad ((missing (machine-remote-eval machine remote-exp))) + (return (list fs missing)))) + + (mlet %store-monad ((missing (mapm %store-monad missing-modules file-systems))) + (for-each (match-lambda + ((fs missing) + (unless (null? missing) + (raise (condition (&message + (message (format #f (G_ "~a missing modules ~{ ~a~}~%") + (file-system-device fs) missing)))))))) + missing) + (return #t))) + +(define (check-deployment-sanity machine) + "Raise a '&message' error condition if it is clear that deploying MACHINE's +'system' declaration would fail." 
+ (mbegin %store-monad + (machine-check-file-system-availability machine) + (machine-check-initrd-modules machine))) + ;;; ;;; System deployment. @@ -165,7 +290,8 @@ of MACHINE's system profile, ordered from most recent to oldest." "Internal implementation of 'deploy-machine' for MACHINE instances with an environment type of 'managed-host." (maybe-raise-unsupported-configuration-error machine) - (mlet %store-monad ((boot-parameters (machine-boot-parameters machine))) + (mlet %store-monad ((_ (check-deployment-sanity machine)) + (boot-parameters (machine-boot-parameters machine))) (let* ((os (machine-system machine)) (eval (cut machine-remote-eval machine <>)) (menu-entries (map boot-parameters->menu-entry boot-parameters))
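
Review bot: In the first import hunk (@@ -20,6 +20,9 @@), the added '#:use-module (guix diagnostics)' has no obvious user in the rest of the patch: the new checks report failures through raise, condition and '&message', and translate their strings with G_, for which (guix i18n) is already in the import list. Please name the binding that needs the module or drop the import. The same question applies to (guix utils) in the following hunk.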
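
Review bot: In machine-check-initrd-modules (hunk @@ -98,6 +102,127 @@), the gexp built by the local 'missing-modules' calls find-partition-by-uuid and find-partition-by-label but imports and uses only (gnu build linux-modules), while the availability checks earlier in this same hunk take those two procedures from (gnu build file-systems). Add that module to both the with-imported-modules form and the use-modules form of this gexp. In the same expression, the label branch calls file-system-label->string on the remote side, whereas check-labeled-file-system converts on the deploying host with #$(file-system-label->string (file-system-device fs)); converting on the host here too keeps the label record off the target. The cond also has no fallback clause, so a device that is not a string, UUID or label leaves 'dev' unspecified; an explicit else that raises would make that case visible.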
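
Review bot: In deploy-managed-host (hunk @@ -165,7 +290,8 @@), the new binding (_ (check-deployment-sanity machine)) makes the checks unconditional, yet the docstring still describes only the deployment. Please document that a '&message' condition is raised before machine-boot-parameters is queried when a file system or initrd module is missing. Also consider whether callers need a way to skip the checks, since as written a target on which the probe itself fails cannot be deployed to at all.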