authorJoey Hess2015-11-17 15:22:29 -0400
committerJoey Hess2015-11-17 15:22:29 -0400
commitb75db5ae653b7b87859e582528df9b03aa5366f1 (patch)
treea7662a19f733ae044ef5ffe083d41b32ba4a488d /src/Propellor/Property/DiskImage.hs
parentd796284d8bb483a89bf3d65d198a890a62090d96 (diff)
DiskImage creation automatically uses Chroot.noServices.
Diffstat (limited to 'src/Propellor/Property/DiskImage.hs')
-rw-r--r--src/Propellor/Property/DiskImage.hs13
1 files changed, 11 insertions, 2 deletions
diff --git a/src/Propellor/Property/DiskImage.hs b/src/Propellor/Property/DiskImage.hs
index 5b8619ba..4878c365 100644
--- a/src/Propellor/Property/DiskImage.hs
+++ b/src/Propellor/Property/DiskImage.hs
@@ -1,8 +1,6 @@
-- | Disk image generation.
--
-- This module is designed to be imported unqualified.
---
--- TODO avoid starting services while populating chroot and running final
module Propellor.Property.DiskImage (
-- * Partition specification
@@ -69,6 +67,11 @@ type DiskImage = FilePath
-- Note that the disk image file is reused if it already exists,
-- to avoid expensive IO to generate a new one. And, it's updated in-place,
-- so its contents are undefined during the build process.
+--
+-- Note that the `Chroot.noServices` property is automatically added to the
+-- chroot while the disk image is being built, which should prevent any
+-- daemons that are included from being started on the system that is
+-- building the disk image.
imageBuilt :: DiskImage -> (FilePath -> Chroot) -> TableType -> Finalization -> [PartSpec] -> RevertableProperty HasInfo
imageBuilt = imageBuilt' False
@@ -93,6 +96,9 @@ imageBuilt' rebuild img mkchroot tabletype final partspec =
| otherwise = doNothing
chrootdir = img ++ ".chroot"
chroot = mkchroot chrootdir
+ -- Before ensuring any other properties of the chroot, avoid
+ -- starting services. Reverted by imageFinalized.
+ &^ Chroot.noServices
-- First stage finalization.
& fst final
-- Avoid wasting disk image space on the apt cache
@@ -227,6 +233,7 @@ imageFinalized (_, final) mnts mntopts devs (PartTable _ parts) =
go top = do
liftIO $ mountall top
liftIO $ writefstab top
+ liftIO $ allowservices top
ensureProperty $ final top devs
-- Ordered lexographically by mount point, so / comes before /usr
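Review bot: In `go`, `allowservices top` runs before `ensureProperty $ final top devs`, so the policy-rc.d block is already gone while the second-stage finalization runs against the mounted image. The TODO this commit deletes mentioned "running final" as well as populating the chroot, so if a finalization property installs or configures a package that ships a daemon, that daemon could presumably still be started on the host building the image. Consider removing the file only after finalization has run, for example `r <- ensureProperty $ final top devs`, `liftIO $ allowservices top`, `return r`, or add a comment explaining why the block must be lifted first. The body of `imageFinalized` begins outside this hunk, so the surrounding control flow is not fully visible.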
@@ -260,6 +267,8 @@ imageFinalized (_, final) mnts mntopts devs (PartTable _ parts) =
-- Eg "UNCONFIGURED FSTAB FOR BASE SYSTEM"
unconfigured s = "UNCONFIGURED" `isInfixOf` s
+ allowservices top = nukeFile (top ++ "/usr/sbin/policy-rc.d")
+
noFinalization :: Finalization
noFinalization = (doNothing, \_ _ -> doNothing)
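Review bot: `allowservices` deletes `/usr/sbin/policy-rc.d` from the image unconditionally, so a policy-rc.d the image was meant to ship (placed by one of the chroot's own properties rather than by `Chroot.noServices`) would be removed too, and the finished image would start services its author intended to block. The path is also hard-coded here instead of being shared with `Chroot.noServices`, whose definition is not visible in this diff, so the two can drift apart. At minimum a comment such as `-- Removes the policy-rc.d installed by Chroot.noServices; keep the path in sync with that property.` would record the coupling. The `where` clause this binding belongs to starts outside the hunk.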