path: root/src/connection
Commit message | Author | Age
...
* :LOCAL CONNECTION-WRITEFILE: use UIOP:RENAME-FILE-OVERWRITING-TARGET | Sean Whitton | 2021-08-31
  Avoids starting an external process.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* use UIOP:XDG-CACHE-HOME | Sean Whitton | 2021-08-31
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* LOCAL-CONNECTION docstring: connection is not always the root Lisp | Sean Whitton | 2021-08-31
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add CONNECTION-READFILE-AND-REMOVE to improve RUN performance | Sean Whitton | 2021-08-31
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* cache XDG_CACHE_HOME as a connattr | Sean Whitton | 2021-08-31
  This should provide a performance improvement.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* don't fail when stderr from POST-FORK grandchild process is empty | Sean Whitton | 2021-08-22
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* fix comments about -c argument to su(1) | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* return type in FOREIGN-FUNCALL of geteuid(2) is unsigned | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SETUID: ensure we chdir(2) before we setuid(2) | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SUDO: ensure that stdin is a pipe, never a real file | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* ensure subdeployment lines properly indented | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SETUID connection: also call initgroups(3) | Sean Whitton | 2021-07-24
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* call POST-FORK before WITH-FORK-CONTROL | Sean Whitton | 2021-07-24
  This ensures that the fork control child is in the same context as its parent -- for example, that they're both chrooted.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* UNWIND-PROTECT-IN-PARENT -> UNWIND-PROTECT | Sean Whitton | 2021-07-24
  No longer needed thanks to f4e9170e73cb4bcfa7328422b4ff4f72d1339dd0.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* new approach to calling fork(2) in remote Lisp images | Sean Whitton | 2021-07-24
  Drop CAN-PROBABLY-FORK because we now only try to fork(2) in contexts in which there shouldn't ever be any other threads running, apart from Lisp implementation finaliser threads and the like. We no longer need to RESET-DATA-SOURCES before CONTINUE-DEPLOY* because we now only fork(2) in contexts in which *NO-DATA-SOURCES* is t.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* factor out MOUNTPOINTP | Sean Whitton | 2021-07-10
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* move /run out from MOUNT:*STANDARD-LINUX-VFS* | Sean Whitton | 2021-07-10
  Bind-mounting /run is really a chroot connection-specific operation.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* chroot connections: unmount lazily | Sean Whitton | 2021-07-10
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* capture fork child stderr & include in call to FAILED-CHANGE | Sean Whitton | 2021-07-10
  This mirrors what we do with stderr from remote Lisp images. Before this change, when a remote Lisp image forks, the child's stderr is sent to the parent's stderr. But if the parent exits successfully its stderr is discarded (see the :SBCL connection). So if the child failed but the FAILED-CHANGE was handled, perhaps because the fork occurs within SEQPROPS, the user has no way to get at the child's error output. After this change, the error output should be printed to stdout by WITH-SKIP-FAILED-CHANGES.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* signal SKIPPED-PROPERTIES & factor out interpreting exit codes | Sean Whitton | 2021-07-10
  Unconditionally signalling FAILED-CHANGE does not make sense because perhaps the type of condition C is not a subtype of SIMPLE-CONDITION. Moreover, when we invoke the SKIP-PROPERTY restart we do not actually pass the condition. For simplicity, and since all we need is notification that a SKIP-PROPERTY restart was invoked, instead define and signal a special-purpose condition. Additionally, use an exit code to pass the signal between Lisp images.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add INSTALLER:CLEANLY-INSTALLED-ONCE & some utils | Sean Whitton | 2021-07-10
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SBCL: drop unneeded IGNORING-HOSTATTRS | Sean Whitton | 2021-07-07
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SBCL: don't assume that *HOST*'s OS applies to intermediate hops | Sean Whitton | 2021-07-07
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SBCL: fix looking for sbcl(1) already on PATH | Sean Whitton | 2021-07-07
  The old :CHECK subroutine was meant to enable successfully applying SBCL-AVAILABLE to arbitrary hosts where sbcl(1) is already on PATH, but that does not work because the use of OS:ETYPECASE signals an error at :HOSTATTRS time if *HOST*'s OS is not known to be a subtype of OS:DEBIANLIKE. So move the check for sbcl(1) on PATH outside of any property application.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* fix manpage sections for mount(8), umount(8) and findmnt(8) | Sean Whitton | 2021-07-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* factor out MOUNT:*{STANDARD-LINUX,LINUX-EFIVARS}-VFS* | Sean Whitton | 2021-07-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* chroot mounts: assert that /dev is udev devtmpfs | Sean Whitton | 2021-07-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add POSIX-LOGIN-ENVIRONMENT and use in :SETUID connection | Sean Whitton | 2021-07-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* use AND not IF | Sean Whitton | 2021-06-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* report whether FAILED-CHANGE, :NO-CHANGE or something else at end | Sean Whitton | 2021-06-28
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SBCL connection: propagate :NO-CHANGE | Sean Whitton | 2021-06-05
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* restore STRIPLN when finding the datadir inside chroot | Sean Whitton | 2021-05-31
  Accidentally removed in b914693a33ffcf0764ea9bc87bcc573e5ddf9943.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SUDO: preserve SSH_AUTH_SOCK when sudoing to root | Sean Whitton | 2021-05-30
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* drop two unnecessary package name qualifications | Sean Whitton | 2021-05-25
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add TODOs about non-portable uses of su(1) | Sean Whitton | 2021-05-23
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* convert CONNECTION slots to connattrs & fix finding homedirs | Sean Whitton | 2021-05-23
  HOME does not take into account /etc/passwd inside the chroot, even when starting a login shell with, e.g., "chroot /chroot sh -lc 'echo $HOME'" -- we would need something which emulates login(1), like su(1), but the -c argument to su(1) is not portable. getent(1) is not POSIX. So use tilde expansion. Additionally, avoid having UPLOAD-ALL-PREREQUISITE-DATA store values for the remote UID, remote homedir etc. from *before* the chroot/setuid operation.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* separately upload, compile and load each ASDF system | Sean Whitton | 2021-05-17
  This avoids recompiling unchanged systems on every deploy, which makes for a decent performance boost, especially on systems with less processing power. Drop the idea of relying on distribution packages on the remote side -- we want to use the same version of the source as is running in the root Lisp.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* fix --no-userinit sbcl(1) option | Sean Whitton | 2021-05-15
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* fix finding the data cache in chroots | Sean Whitton | 2021-05-10
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add missing call to FRESH-LINE in fork connection parent | Sean Whitton | 2021-05-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* use ~S not ~A when printing the program we sent | Sean Whitton | 2021-05-06
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* reflect *MOUNT-BELOW* in OPENED-FILESYSTEM values | Sean Whitton | 2021-04-30
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* chroot connections: set up bind mounts and virtual filesystems | Sean Whitton | 2021-04-30
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* one package for :CHROOT, :CHROOT.FORK and :CHROOT.SHELL | Sean Whitton | 2021-04-30
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add :OPENED-VOLUMES connattr | Sean Whitton | 2021-04-30
  hostattrs don't make sense for this, as it should be possible to gather all hostattrs without examining the host.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* CONTINUE-DEPLOY* connections: push a new connection object | Sean Whitton | 2021-04-30
  This is cleaner than resetting certain slot values.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* capture child stdout in case *STANDARD-OUTPUT* has been rebound | Sean Whitton | 2021-04-26
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :SSH connection: fix broken ssh -fN | Sean Whitton | 2021-04-18
  - Previous command did not include the username.
  - In some scenarios ssh -fN does not exit, and we can achieve our purpose of confirming that we can authenticate just by calling the ":" builtin.
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* :CHROOT.SHELL connection type: cope with pathnames for chroot root | Sean Whitton | 2021-04-16
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
* add WITH-THESE-OPEN-VOLUMES macro property combinator | Sean Whitton | 2021-04-16
  Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>