From 6bfcb080bf5b0eb0ed7bf9d908c298d664570bf1 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 11 Jun 2016 20:35:09 +0900 Subject: Exoscale.distroKernel --- src/Propellor/Property/HostingProvider/Exoscale.hs | 23 ++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 src/Propellor/Property/HostingProvider/Exoscale.hs (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/Exoscale.hs b/src/Propellor/Property/HostingProvider/Exoscale.hs new file mode 100644 index 00000000..afa3e1b7 --- /dev/null +++ b/src/Propellor/Property/HostingProvider/Exoscale.hs @@ -0,0 +1,23 @@ +-- | Maintainer: Sean Whitton + +module Propellor.Property.HostingProvider.Exoscale ( + distroKernel, +) where + +import Propellor.Base +import qualified Propellor.Property.Grub as Grub +import qualified Propellor.Property.Apt as Apt +import qualified Propellor.Property.Reboot as Reboot + +-- | Current Exoshare Debian image doesn't install GRUB, so this property makes +-- sure GRUB is installed and we're running the distro's kernel +-- +-- We reboot after doing this because 'Sbuild.built' will fail to set up an +-- overlay-type chroot on an old kernel +distroKernel :: Architecture -> Property DebianLike +distroKernel arch = Grub.installed' Grub.PC + `before` Apt.installed ["linux-image-" ++ arch] + `before` Grub.boots "/dev/vda" + `before` Grub.mkConfig + `before` Reboot.now + `flagFile` "/etc/propellor-grub" -- cgit v1.2.3 From 11b82cdaf22402d500d82671fb26550137e8a168 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 11 Jun 2016 22:30:53 +0900 Subject: attempt to fix Exoscale.distroKernel flag file --- src/Propellor/Property/HostingProvider/Exoscale.hs | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/Exoscale.hs b/src/Propellor/Property/HostingProvider/Exoscale.hs index afa3e1b7..f7d676d0 100644 --- a/src/Propellor/Property/HostingProvider/Exoscale.hs +++ b/src/Propellor/Property/HostingProvider/Exoscale.hs @@ -15,9 +15,10 @@ import qualified Propellor.Property.Reboot as Reboot -- We reboot after doing this because 'Sbuild.built' will fail to set up an -- overlay-type chroot on an old kernel distroKernel :: Architecture -> Property DebianLike -distroKernel arch = Grub.installed' Grub.PC - `before` Apt.installed ["linux-image-" ++ arch] - `before` Grub.boots "/dev/vda" - `before` Grub.mkConfig - `before` Reboot.now - `flagFile` "/etc/propellor-grub" +distroKernel arch = combineProperties "boots distro kernel" $ props + & Grub.installed' Grub.PC + & Apt.installed ["linux-image-" ++ arch] + & Grub.boots "/dev/vda" + & flagFile + (Grub.mkConfig `before` Reboot.now) + "/etc/propellor-distro-kernel" -- cgit v1.2.3 From 397204fb1910fad31ead2ed1ba1e226f088856c5 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 11 Jun 2016 23:00:39 +0900 Subject: include more in flag file --- src/Propellor/Property/HostingProvider/Exoscale.hs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/Exoscale.hs b/src/Propellor/Property/HostingProvider/Exoscale.hs index f7d676d0..a123c54a 100644 --- a/src/Propellor/Property/HostingProvider/Exoscale.hs +++ b/src/Propellor/Property/HostingProvider/Exoscale.hs @@ -18,7 +18,9 @@ distroKernel :: Architecture -> Property DebianLike distroKernel arch = combineProperties "boots distro kernel" $ props & Grub.installed' Grub.PC & Apt.installed ["linux-image-" ++ arch] - & Grub.boots "/dev/vda" + -- only these ones are not idempotent so need flag file & flagFile - (Grub.mkConfig `before` Reboot.now) + (Grub.boots "/dev/vda" + `before` Grub.mkConfig + `before` Reboot.now) "/etc/propellor-distro-kernel" -- cgit v1.2.3 From 5423d7a5e25907d126944921fff0fba2451cf11b Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 09:41:23 +0900 Subject: factor out reboot code from DigitalOcean.hs --- .../Property/HostingProvider/DigitalOcean.hs | 25 +------------- src/Propellor/Property/Reboot.hs | 38 +++++++++++++++++++++- 2 files changed, 38 insertions(+), 25 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/DigitalOcean.hs b/src/Propellor/Property/HostingProvider/DigitalOcean.hs index c1e0ffc9..084faa36 100644 --- a/src/Propellor/Property/HostingProvider/DigitalOcean.hs +++ b/src/Propellor/Property/HostingProvider/DigitalOcean.hs @@ -7,8 +7,6 @@ import qualified Propellor.Property.Apt as Apt import qualified Propellor.Property.File as File import qualified Propellor.Property.Reboot as Reboot -import Data.List - -- | Digital Ocean does not provide any way to boot -- the kernel provided by the distribution, except using kexec. -- Without this, some old, and perhaps insecure kernel will be used. @@ -25,25 +23,4 @@ distroKernel = propertyList "digital ocean distro kernel hack" $ props [ "LOAD_KEXEC=true" , "USE_GRUB_CONFIG=true" ] `describe` "kexec configured" - & check (not <$> runningInstalledKernel) Reboot.now - `describe` "running installed kernel" - -runningInstalledKernel :: IO Bool -runningInstalledKernel = do - kernelver <- takeWhile (/= '\n') <$> readProcess "uname" ["-r"] - when (null kernelver) $ - error "failed to read uname -r" - kernelimages <- concat <$> mapM kernelsIn ["/", "/boot/"] - when (null kernelimages) $ - error "failed to find any installed kernel images" - findVersion kernelver <$> - readProcess "file" ("-L" : kernelimages) - --- | File output looks something like this, we want to unambiguously --- match the running kernel version: --- Linux kernel x86 boot executable bzImage, version 3.16-3-amd64 (debian-kernel@lists.debian.org) #1 SMP Debian 3.1, RO-rootFS, swap_dev 0x2, Normal VGA -findVersion :: String -> String -> Bool -findVersion ver s = (" version " ++ ver ++ " ") `isInfixOf` s - -kernelsIn :: FilePath -> IO [FilePath] -kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d + & Reboot.toDistroKernel diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 5b854fa3..b1d76613 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -1,7 +1,13 @@ -module Propellor.Property.Reboot where +module Propellor.Property.Reboot ( + now, + atEnd, + toDistroKernel, +) where import Propellor.Base +import Data.List + now :: Property Linux now = tightenTargets $ cmdProperty "reboot" [] `assume` MadeChange @@ -28,3 +34,33 @@ atEnd force resultok = property "scheduled reboot at end of propellor run" $ do rebootparams | force = [Param "--force"] | otherwise = [] + +-- | Reboots immediately if a kernel other than the distro-installed kernel is +-- running. +-- +-- This will only work if you have taken measures to ensure that the other +-- kernel won't just get booted again. See 'Propellor.Property.DigitalOcean' +-- for an example. +toDistroKernel :: Property DebianLike +toDistroKernel = check (not <$> runningInstalledKernel) now + `describe` "running installed kernel" + +runningInstalledKernel :: IO Bool +runningInstalledKernel = do + kernelver <- takeWhile (/= '\n') <$> readProcess "uname" ["-r"] + when (null kernelver) $ + error "failed to read uname -r" + kernelimages <- concat <$> mapM kernelsIn ["/", "/boot/"] + when (null kernelimages) $ + error "failed to find any installed kernel images" + findVersion kernelver <$> + readProcess "file" ("-L" : kernelimages) + +-- | File output looks something like this, we want to unambiguously +-- match the running kernel version: +-- Linux kernel x86 boot executable bzImage, version 3.16-3-amd64 (debian-kernel@lists.debian.org) #1 SMP Debian 3.1, RO-rootFS, swap_dev 0x2, Normal VGA +findVersion :: String -> String -> Bool +findVersion ver s = (" version " ++ ver ++ " ") `isInfixOf` s + +kernelsIn :: FilePath -> IO [FilePath] +kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d -- cgit v1.2.3 From e20599639212ca6223f94a88dbff6641ed54234f Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 09:47:23 +0900 Subject: re-organise Exoscale.distroKernel --- src/Propellor/Property/HostingProvider/Exoscale.hs | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/Exoscale.hs b/src/Propellor/Property/HostingProvider/Exoscale.hs index a123c54a..6bf19cbc 100644 --- a/src/Propellor/Property/HostingProvider/Exoscale.hs +++ b/src/Propellor/Property/HostingProvider/Exoscale.hs @@ -5,6 +5,7 @@ module Propellor.Property.HostingProvider.Exoscale ( ) where import Propellor.Base +import qualified Propellor.Property.File as File import qualified Propellor.Property.Grub as Grub import qualified Propellor.Property.Apt as Apt import qualified Propellor.Property.Reboot as Reboot @@ -15,12 +16,13 @@ import qualified Propellor.Property.Reboot as Reboot -- We reboot after doing this because 'Sbuild.built' will fail to set up an -- overlay-type chroot on an old kernel distroKernel :: Architecture -> Property DebianLike -distroKernel arch = combineProperties "boots distro kernel" $ props - & Grub.installed' Grub.PC - & Apt.installed ["linux-image-" ++ arch] - -- only these ones are not idempotent so need flag file - & flagFile - (Grub.boots "/dev/vda" - `before` Grub.mkConfig - `before` Reboot.now) - "/etc/propellor-distro-kernel" +distroKernel arch = go `flagFile` theFlagFile + where + go = combineProperties "boots distro kernel" $ props + & Apt.installed ["grub2", "linux-image-" ++ arch] + & Grub.boots "/dev/vda" + & Grub.mkConfig + -- Since we're rebooting we have to manually create the flagfile + & File.hasContent theFlagFile [""] + & Reboot.toDistroKernel + theFlagFile = "/etc/propellor-distro-kernel" -- cgit v1.2.3 From ff1fc058c230ad0cf34d1faf3acfd5c64682e278 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 09:54:04 +0900 Subject: toKernelNewerThan skeleton --- src/Propellor/Property/Reboot.hs | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index b1d76613..78c253d2 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -2,12 +2,15 @@ module Propellor.Property.Reboot ( now, atEnd, toDistroKernel, + toKernelNewerThan, ) where import Propellor.Base import Data.List +data Version = String + now :: Property Linux now = tightenTargets $ cmdProperty "reboot" [] `assume` MadeChange @@ -45,6 +48,15 @@ toDistroKernel :: Property DebianLike toDistroKernel = check (not <$> runningInstalledKernel) now `describe` "running installed kernel" +-- | Given a kernel version string @v@, reboots immediately if the running +-- kernel version is strictly less than @v@ and the installed kernel version is +-- greater than or equal to @v@ +-- +-- This is useful when upgrading to a new version of Debian where you need to +-- ensure that a new enough kernel is running before ensuring other properties. +toKernelNewerThan :: Version -> Property DebianLike +toKernelNewerThan v = undefined + runningInstalledKernel :: IO Bool runningInstalledKernel = do kernelver <- takeWhile (/= '\n') <$> readProcess "uname" ["-r"] -- cgit v1.2.3 From 655cb124a8db04361a60dee5e4e908f125c42e8b Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 10:14:03 +0900 Subject: factor out some code I will use --- src/Propellor/Property/Reboot.hs | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 78c253d2..343ee25b 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -9,7 +9,7 @@ import Propellor.Base import Data.List -data Version = String +type KernelVersion = String now :: Property Linux now = tightenTargets $ cmdProperty "reboot" [] @@ -59,19 +59,25 @@ toKernelNewerThan v = undefined runningInstalledKernel :: IO Bool runningInstalledKernel = do - kernelver <- takeWhile (/= '\n') <$> readProcess "uname" ["-r"] + kernelver <- runningKernelVersion when (null kernelver) $ error "failed to read uname -r" - kernelimages <- concat <$> mapM kernelsIn ["/", "/boot/"] + kernelimages <- installedKernelImages when (null kernelimages) $ error "failed to find any installed kernel images" findVersion kernelver <$> readProcess "file" ("-L" : kernelimages) +runningKernelVersion :: IO KernelVersion +runningKernelVersion = takeWhile (/= '\n') <$> readProcess "uname" ["-r"] + +installedKernelImages :: IO [String] +installedKernelImages = concat <$> mapM kernelsIn ["/", "/boot/"] + -- | File output looks something like this, we want to unambiguously -- match the running kernel version: -- Linux kernel x86 boot executable bzImage, version 3.16-3-amd64 (debian-kernel@lists.debian.org) #1 SMP Debian 3.1, RO-rootFS, swap_dev 0x2, Normal VGA -findVersion :: String -> String -> Bool +findVersion :: KernelVersion -> KernelVersion -> Bool findVersion ver s = (" version " ++ ver ++ " ") `isInfixOf` s kernelsIn :: FilePath -> IO [FilePath] -- cgit v1.2.3 From 5e224ff3c0bf2bb8e47f0b024f8105555047dcb2 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 10:14:11 +0900 Subject: toKernelNewerThan prop --- src/Propellor/Property/Reboot.hs | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 343ee25b..41234489 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -8,6 +8,7 @@ module Propellor.Property.Reboot ( import Propellor.Base import Data.List +import Data.Version type KernelVersion = String @@ -49,13 +50,27 @@ toDistroKernel = check (not <$> runningInstalledKernel) now `describe` "running installed kernel" -- | Given a kernel version string @v@, reboots immediately if the running --- kernel version is strictly less than @v@ and the installed kernel version is --- greater than or equal to @v@ +-- kernel version is strictly less than @v@ and there is an installed kernel +-- version is greater than or equal to @v@ +-- +-- This assumes that the installed kernel with the highest version number is the +-- one that will be started if we reboot. -- -- This is useful when upgrading to a new version of Debian where you need to -- ensure that a new enough kernel is running before ensuring other properties. -toKernelNewerThan :: Version -> Property DebianLike -toKernelNewerThan v = undefined +toKernelNewerThan :: KernelVersion -> Property DebianLike +toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w -> + ifM (liftIO $ newerKernelAvailable (Prelude.read ver)) + (ensureProperty w now, noChange) + +newerKernelAvailable :: Version -> IO Bool +newerKernelAvailable wantV = do + runningV <- Prelude.read <$> runningKernelVersion + kernelImages <- installedKernelImages + when (null kernelImages) $ + error "failed to find any installed kernel images" + let installedV = maximum $ Prelude.read <$> kernelImages + return $ installedV >= wantV && runningV < wantV runningInstalledKernel :: IO Bool runningInstalledKernel = do -- cgit v1.2.3 From 4a7448e9f22586419e3b9aefd8baa35fffa880b0 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 11:00:10 +0900 Subject: attempt to actually extract kernel version --- src/Propellor/Property/Reboot.hs | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 41234489..d3b2d372 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -8,6 +8,7 @@ module Propellor.Property.Reboot ( import Propellor.Base import Data.List +import Data.String.Utils (split) import Data.Version type KernelVersion = String @@ -69,7 +70,8 @@ newerKernelAvailable wantV = do kernelImages <- installedKernelImages when (null kernelImages) $ error "failed to find any installed kernel images" - let installedV = maximum $ Prelude.read <$> kernelImages + let installedV = maximum $ + Prelude.read . extractKernelVersion <$> kernelImages return $ installedV >= wantV && runningV < wantV runningInstalledKernel :: IO Bool @@ -97,3 +99,9 @@ findVersion ver s = (" version " ++ ver ++ " ") `isInfixOf` s kernelsIn :: FilePath -> IO [FilePath] kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d + +-- TODO this is way too crude +extractKernelVersion :: String -> KernelVersion +extractKernelVersion s = + concat . reverse . drop 1 . reverse . drop 1 $ + split "-" s -- cgit v1.2.3 From 69a3ded2f0f6f968220f87cc54850a450e77a124 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 11:02:22 +0900 Subject: also remove any that didn't have versions in name --- src/Propellor/Property/Reboot.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index d3b2d372..84cf3fc6 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -103,5 +103,5 @@ kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d -- TODO this is way too crude extractKernelVersion :: String -> KernelVersion extractKernelVersion s = - concat . reverse . drop 1 . reverse . drop 1 $ + concat . filter (/= "") . reverse . drop 1 . reverse . drop 1 $ split "-" s -- cgit v1.2.3 From 9b88909410a86db981f7750cfd8ffeb98d3a8480 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 11:18:49 +0900 Subject: rework newerKernelAvailable --- src/Propellor/Property/Reboot.hs | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 84cf3fc6..01a1add1 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -8,7 +8,6 @@ module Propellor.Property.Reboot ( import Propellor.Base import Data.List -import Data.String.Utils (split) import Data.Version type KernelVersion = String @@ -64,14 +63,11 @@ toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w - ifM (liftIO $ newerKernelAvailable (Prelude.read ver)) (ensureProperty w now, noChange) +-- TODO avoid Prelude.read newerKernelAvailable :: Version -> IO Bool newerKernelAvailable wantV = do runningV <- Prelude.read <$> runningKernelVersion - kernelImages <- installedKernelImages - when (null kernelImages) $ - error "failed to find any installed kernel images" - let installedV = maximum $ - Prelude.read . extractKernelVersion <$> kernelImages + installedV <- maximum . map Prelude.read <$> installedKernelVersions return $ installedV >= wantV && runningV < wantV runningInstalledKernel :: IO Bool @@ -94,14 +90,19 @@ installedKernelImages = concat <$> mapM kernelsIn ["/", "/boot/"] -- | File output looks something like this, we want to unambiguously -- match the running kernel version: -- Linux kernel x86 boot executable bzImage, version 3.16-3-amd64 (debian-kernel@lists.debian.org) #1 SMP Debian 3.1, RO-rootFS, swap_dev 0x2, Normal VGA -findVersion :: KernelVersion -> KernelVersion -> Bool +findVersion :: KernelVersion -> String -> Bool findVersion ver s = (" version " ++ ver ++ " ") `isInfixOf` s +installedKernelVersions :: IO [KernelVersion] +installedKernelVersions = do + kernelimages <- installedKernelImages + when (null kernelimages) $ + error "failed to find any installed kernel images" + imageLines <- lines <$> readProcess "file" ("-L" : kernelimages) + return $ extractKernelVersion <$> imageLines + kernelsIn :: FilePath -> IO [FilePath] kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d --- TODO this is way too crude extractKernelVersion :: String -> KernelVersion -extractKernelVersion s = - concat . filter (/= "") . reverse . drop 1 . reverse . drop 1 $ - split "-" s +extractKernelVersion = unwords . take 1 . dropWhile (/= "version") . words -- cgit v1.2.3 From 6c6a0c6d4bbff707203a66ec2be2ef70ccccb69c Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 11:44:47 +0900 Subject: fix extracting kernel version string --- src/Propellor/Property/Reboot.hs | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 01a1add1..c3a1fb87 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -1,3 +1,5 @@ +{-# LANGUAGE OverloadedStrings #-} + module Propellor.Property.Reboot ( now, atEnd, @@ -9,6 +11,7 @@ import Propellor.Base import Data.List import Data.Version +import Text.ParserCombinators.ReadP type KernelVersion = String @@ -60,14 +63,13 @@ toDistroKernel = check (not <$> runningInstalledKernel) now -- ensure that a new enough kernel is running before ensuring other properties. toKernelNewerThan :: KernelVersion -> Property DebianLike toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w -> - ifM (liftIO $ newerKernelAvailable (Prelude.read ver)) + ifM (liftIO $ newerKernelAvailable (readVersion ver)) (ensureProperty w now, noChange) --- TODO avoid Prelude.read newerKernelAvailable :: Version -> IO Bool newerKernelAvailable wantV = do - runningV <- Prelude.read <$> runningKernelVersion - installedV <- maximum . map Prelude.read <$> installedKernelVersions + runningV <- readVersion <$> runningKernelVersion + installedV <- maximum . map readVersion <$> installedKernelVersions return $ installedV >= wantV && runningV < wantV runningInstalledKernel :: IO Bool @@ -105,4 +107,9 @@ kernelsIn :: FilePath -> IO [FilePath] kernelsIn d = filter ("vmlinu" `isInfixOf`) <$> dirContents d extractKernelVersion :: String -> KernelVersion -extractKernelVersion = unwords . take 1 . dropWhile (/= "version") . words +extractKernelVersion = + unwords . take 1 . drop 1 . dropWhile (/= "version") . words + +-- TODO properly handle error here +readVersion :: String -> Version +readVersion s = (fst . Prelude.last) $ readP_to_S parseVersion s -- cgit v1.2.3 From 5a671a0841a8557e569f82748eb1eabb01b6c42e Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 11:59:03 +0900 Subject: toKernelNewerThan can give FailedChange --- src/Propellor/Property/Reboot.hs | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index c3a1fb87..2d4319d9 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -14,6 +14,7 @@ import Data.Version import Text.ParserCombinators.ReadP type KernelVersion = String +data KernelAvailable = Running | Installed | Unavailable now :: Property Linux now = tightenTargets $ cmdProperty "reboot" [] @@ -62,15 +63,23 @@ toDistroKernel = check (not <$> runningInstalledKernel) now -- This is useful when upgrading to a new version of Debian where you need to -- ensure that a new enough kernel is running before ensuring other properties. toKernelNewerThan :: KernelVersion -> Property DebianLike -toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w -> - ifM (liftIO $ newerKernelAvailable (readVersion ver)) - (ensureProperty w now, noChange) - -newerKernelAvailable :: Version -> IO Bool +toKernelNewerThan ver = + property' ("reboot to kernel newer than " ++ ver) $ \w -> do + available <- liftIO $ newerKernelAvailable (readVersion ver) + case available of + Running -> noChange + Installed -> ensureProperty w now + Unavailable -> return FailedChange + +newerKernelAvailable :: Version -> IO KernelAvailable newerKernelAvailable wantV = do runningV <- readVersion <$> runningKernelVersion installedV <- maximum . map readVersion <$> installedKernelVersions - return $ installedV >= wantV && runningV < wantV + if runningV >= wantV + then return Running + else if installedV >= wantV && runningV < wantV + then return Installed + else return Unavailable runningInstalledKernel :: IO Bool runningInstalledKernel = do -- cgit v1.2.3 From e782cdfc64f9c3491f5f81101bd4e5e3de761eb8 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 12:02:47 +0900 Subject: bring IO code into propellor monad --- src/Propellor/Property/Reboot.hs | 25 +++++++++---------------- 1 file changed, 9 insertions(+), 16 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index 2d4319d9..aa762629 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -14,7 +14,6 @@ import Data.Version import Text.ParserCombinators.ReadP type KernelVersion = String -data KernelAvailable = Running | Installed | Unavailable now :: Property Linux now = tightenTargets $ cmdProperty "reboot" [] @@ -65,21 +64,15 @@ toDistroKernel = check (not <$> runningInstalledKernel) now toKernelNewerThan :: KernelVersion -> Property DebianLike toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w -> do - available <- liftIO $ newerKernelAvailable (readVersion ver) - case available of - Running -> noChange - Installed -> ensureProperty w now - Unavailable -> return FailedChange - -newerKernelAvailable :: Version -> IO KernelAvailable -newerKernelAvailable wantV = do - runningV <- readVersion <$> runningKernelVersion - installedV <- maximum . map readVersion <$> installedKernelVersions - if runningV >= wantV - then return Running - else if installedV >= wantV && runningV < wantV - then return Installed - else return Unavailable + let wantV = readVersion ver + runningV <- readVersion <$> liftIO runningKernelVersion + installedV <- maximum . map readVersion <$> + liftIO installedKernelVersions + if runningV >= wantV then noChange + else if installedV >= wantV && runningV < wantV + then ensureProperty w now + else error "newer kernel not installed" + >> return FailedChange runningInstalledKernel :: IO Bool runningInstalledKernel = do -- cgit v1.2.3 From 9ff72b7a974e5cae031b96ec9c2cf2df604acc8f Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 12:49:38 +0900 Subject: handle errors when parsing kernel version strings --- src/Propellor/Property/Reboot.hs | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index aa762629..f30621d4 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -1,5 +1,3 @@ -{-# LANGUAGE OverloadedStrings #-} - module Propellor.Property.Reboot ( now, atEnd, @@ -64,15 +62,16 @@ toDistroKernel = check (not <$> runningInstalledKernel) now toKernelNewerThan :: KernelVersion -> Property DebianLike toKernelNewerThan ver = property' ("reboot to kernel newer than " ++ ver) $ \w -> do - let wantV = readVersion ver - runningV <- readVersion <$> liftIO runningKernelVersion - installedV <- maximum . map readVersion <$> - liftIO installedKernelVersions + wantV <- tryReadVersion ver + runningV <- tryReadVersion =<< liftIO runningKernelVersion + installedV <- maximum <$> + (mapM tryReadVersion =<< liftIO installedKernelVersions) if runningV >= wantV then noChange - else if installedV >= wantV && runningV < wantV + else if installedV >= wantV then ensureProperty w now - else error "newer kernel not installed" - >> return FailedChange + else errorMessage ("kernel newer than " + ++ ver + ++ " not installed") runningInstalledKernel :: IO Bool runningInstalledKernel = do @@ -112,6 +111,13 @@ extractKernelVersion :: String -> KernelVersion extractKernelVersion = unwords . take 1 . drop 1 . dropWhile (/= "version") . words --- TODO properly handle error here -readVersion :: String -> Version -readVersion s = (fst . Prelude.last) $ readP_to_S parseVersion s +-- adapted from Utility.PartialPrelude.readish +readVersionMaybe :: KernelVersion -> Maybe Version +readVersionMaybe ver = case readP_to_S parseVersion ver of + ((x,_):_) -> Just x + _ -> Nothing + +tryReadVersion :: KernelVersion -> Propellor Version +tryReadVersion ver = case readVersionMaybe ver of + Just x -> return x + Nothing -> errorMessage ("couldn't parse version " ++ ver) -- cgit v1.2.3 From da8b19ea5b31637dd6a05bf662bf636b9c3e4910 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 13:01:40 +0900 Subject: explanatory comments --- src/Propellor/Property/Reboot.hs | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/Reboot.hs b/src/Propellor/Property/Reboot.hs index f30621d4..7733c0d2 100644 --- a/src/Propellor/Property/Reboot.hs +++ b/src/Propellor/Property/Reboot.hs @@ -45,17 +45,19 @@ atEnd force resultok = property "scheduled reboot at end of propellor run" $ do -- -- This will only work if you have taken measures to ensure that the other -- kernel won't just get booted again. See 'Propellor.Property.DigitalOcean' --- for an example. +-- for an example of how to do this. toDistroKernel :: Property DebianLike toDistroKernel = check (not <$> runningInstalledKernel) now `describe` "running installed kernel" -- | Given a kernel version string @v@, reboots immediately if the running -- kernel version is strictly less than @v@ and there is an installed kernel --- version is greater than or equal to @v@ +-- version is greater than or equal to @v@. Dies if the requested kernel +-- version is not installed. -- --- This assumes that the installed kernel with the highest version number is the --- one that will be started if we reboot. +-- For this to be useful, you need to have ensured that the installed kernel +-- with the highest version number is the one that will be started after a +-- reboot. -- -- This is useful when upgrading to a new version of Debian where you need to -- ensure that a new enough kernel is running before ensuring other properties. @@ -69,6 +71,10 @@ toKernelNewerThan ver = if runningV >= wantV then noChange else if installedV >= wantV then ensureProperty w now + -- We error out here because other properties + -- may be incorrectly ensured on a version + -- that's too old. E.g. Sbuild.built can fail + -- to add the config line `union-type=overlay` else errorMessage ("kernel newer than " ++ ver ++ " not installed") -- cgit v1.2.3 From 5e65dc8abe3237fdc189d8a80d3eb3e193369011 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sun, 12 Jun 2016 13:34:23 +0900 Subject: improve Exoscale prop haddock --- src/Propellor/Property/HostingProvider/Exoscale.hs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/Propellor/Property/HostingProvider/Exoscale.hs b/src/Propellor/Property/HostingProvider/Exoscale.hs index 6bf19cbc..c6244d46 100644 --- a/src/Propellor/Property/HostingProvider/Exoscale.hs +++ b/src/Propellor/Property/HostingProvider/Exoscale.hs @@ -10,11 +10,15 @@ import qualified Propellor.Property.Grub as Grub import qualified Propellor.Property.Apt as Apt import qualified Propellor.Property.Reboot as Reboot --- | Current Exoshare Debian image doesn't install GRUB, so this property makes --- sure GRUB is installed and we're running the distro's kernel +-- | The current Exoshare Debian image doesn't install GRUB, so this property +-- makes sure GRUB is installed and correctly configured -- --- We reboot after doing this because 'Sbuild.built' will fail to set up an --- overlay-type chroot on an old kernel +-- In case an old, insecure kernel is running, we check for an old kernel +-- version and reboot immediately if one is found. +-- +-- Note that we ignore anything after the first hyphen when considering whether +-- the running kernel's version is older than the Debian-supplied kernel's +-- version. distroKernel :: Architecture -> Property DebianLike distroKernel arch = go `flagFile` theFlagFile where -- cgit v1.2.3