| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
| |
For consistency with FILE:CONTAINS-* properties.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
| |
Initial intended application is checking data source IDEN1. This could be
done as a one-liner with a more complex regex, but that seems harder to debug.
Signed-off-by: David Bremner <david@tethera.net>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
| |
To do common tasks like adding users in an idempotent way requires some
non-obvious incantations, so it is worth providing properties for these tasks.
Signed-off-by: David Bremner <david@tethera.net>
|
| |
|
|
|
|
|
| |
This allows the user to conveniently maintain a set of files in their consfig
tree (or elsewhere) for deployment as data.
Signed-off-by: David Bremner <david@tethera.net>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
|
|
| |
*CONSFIG* is meant to be an optional feature, and this should make it easier
to write code which doesn't use it. For example, code running in an
IMAGE-DUMPED image might use (deploy-these :local ...) to build a propspec,
but *PACKAGE* is likely to be COMMON-LISP-USER, not the user's consfig.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change was prompted by the realisation that RECONNECTS nullifies any
enclosing SERVICE:WITHOUT-STARTING-SERVICES because *HOST* during RECONNECTS
is a distinct HOST value, computed at hostattrs time, which can't be affected
by an enclosing combinator that works by temporarily pushing hostattrs at
:APPLY time. So, for example, if we chroot and subsequently establish a
:SETUID connection, properties might try to start services as the non-root
user and there is no way for them to know they shouldn't.
We can avoid this problem by using a connattr instead because we have a
mechanism for propagating connattrs to subsequently established connections.
And as in most cases the reason for not starting services is solely due to the
way in which we're connecting to the host, a connattr is more appropriate.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
| |
This simplifies the API.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
|
|
| |
This avoids some cases of interference between the deployment of the chroot
and other system activity. For example, before this change, the
:ALWAYS-DEPLOYS option to LIBVIRT:KVM-BOOTS-CHROOT{,-FOR} could interact with
Virtiofs in such a way as to break the running VM.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this change we handle the situation in which we don't know the OS of a
host on which we need to install system packages more cleanly than before.
Also rely on the new PACKAGE:INSTALLED to install the OS bootstrapper in
INSTALLER:CLEANLY-INSTALLED-ONCE. This allows us to simplify usage of the
property by replacing the ORIGINAL-OS argument with ORIGINAL-OS-ARCHITECTURE.
Making this change does mean that we now have two ways to specify the
different names a package has on different OSs: (i) something like
OS:ETYPECASE where each branch applies a property which invokes an OS-specific
package manager; and (ii) the plists supplied to PACKAGE:INSTALLED.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
| |
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We establish a SKIP-PROPERTY restart for each sequencing combinator, such that
in addition to skipping over individual property applications, it is possible
to abandon the whole sequence. However, that restart discards information
about whether or not a change was made by the property applications of the
abandoned sequence prior to the property application interrupted by an error.
The new SKIP-SEQUENCE restart preserves this information by returning from the
DOLIST in APPLY-AND-PRINT.
The implementation of the SKIP-SEQUENCE restart must take into account the
fact that the property application interrupted by the error might have made a
change prior to failing. In particular, the new restart must not cause the
sequencing combinator to return :NO-CHANGE unless it can infer that the
property application interrupted by an error made no change. To achieve this,
capture whether the interrupted property application made a change by
introducing a distinction between plain FAILED-CHANGE and a new condition
class, ABORTED-CHANGE.
These changes permit the implementation of a new combinator, ESEQPROPS-UNTIL,
which invokes SKIP-SEQUENCE when a given condition is signalled. The new
combinator is like SEQPROPS in that it allows for continuing the deployment
despite a signalling of FAILED-CHANGE, but it is like ESEQPROPS in not
attempting to apply succeeding propapps. It also offers finer-grained control
over what kinds of failures are to be tolerated than does SEQPROPS. When the
condition is ABORTED-CHANGE or a subclass, ESEQPROPS-UNTIL returns information
about whether or not a change was made by the property applications of the
abandoned sequence prior to the property application that was interrupted,
enabling useful combinations with ON-CHANGE.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
|
