summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog7
-rw-r--r--src/Propellor/Bootstrap.hs17
2 files changed, 22 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 32eb7aea..41f1435c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+propellor (2.8.1) UNRELEASED; urgency=medium
+
+ * Guard against power loss etc when building propellor, by updating
+ the executable atomically.
+
+ -- Joey Hess <id@joeyh.name> Fri, 25 Sep 2015 09:21:41 -0400
+
propellor (2.8.0) unstable; urgency=medium
* Added Propellor.Property.Rsync.
diff --git a/src/Propellor/Bootstrap.hs b/src/Propellor/Bootstrap.hs
index 6812b4ab..b2cf5609 100644
--- a/src/Propellor/Bootstrap.hs
+++ b/src/Propellor/Bootstrap.hs
@@ -104,9 +104,22 @@ build = catchBoolIO $ do
void $ cabal ["configure"]
unlessM (cabal ["build"]) $
error "cabal build failed"
- nukeFile "propellor"
- createSymbolicLink "dist/build/propellor-config/propellor-config" "propellor"
+ -- For safety against eg power loss in the middle of the build,
+ -- make a copy of the binary, and move it into place atomically.
+ -- This ensures that the propellor symlink only ever points at
+ -- a binary that is fully built. Also, avoid ever removing
+ -- or breaking the symlink.
+ unlessM (boolSystem "cp" [Param cabalbuiltbin, Param (tmpfor safetycopy)]) $
+ error "cp of binary failed"
+ rename (tmpfor safetycopy) safetycopy
+ createSymbolicLink safetycopy (tmpfor dest)
+ rename (tmpfor dest) dest
return True
+ where
+ dest = "propellor"
+ cabalbuiltbin = "dist/build/propellor-config/propellor-config"
+ safetycopy = cabalbuiltbin ++ ".built"
+ tmpfor f = f ++ ".propellortmp"
make :: FilePath -> [FilePath] -> IO Bool -> IO ()
make dest srcs builder = do