From bf9d7ed723517034449af5e4c2857897ccaddbfb Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Mon, 24 May 2021 17:08:50 -0700 Subject: add CONSFIGURATOR.PROPERTY.CONTAINER Signed-off-by: Sean Whitton --- consfigurator.asd | 1 + src/package.lisp | 6 ++++ src/property/chroot.lisp | 12 ++++---- src/property/container.lisp | 69 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 83 insertions(+), 5 deletions(-) create mode 100644 src/property/container.lisp diff --git a/consfigurator.asd b/consfigurator.asd index 0d8afcf..3ba1e9c 100644 --- a/consfigurator.asd +++ b/consfigurator.asd @@ -30,6 +30,7 @@ (:file "src/property/cmd") (:file "src/property/file") (:file "src/property/os") + (:file "src/property/container") (:file "src/property/mount") (:file "src/property/service") (:file "src/property/apt") diff --git a/src/package.lisp b/src/package.lisp index 4d71382..a84520a 100644 --- a/src/package.lisp +++ b/src/package.lisp @@ -298,6 +298,11 @@ #:required #:supports-arch-p)) +(defpackage :consfigurator.property.container + (:use #:cl #:consfigurator) + (:export #:contained + #:when-contained)) + (defpackage :consfigurator.property.mount (:use #:cl #:alexandria #:consfigurator) (:local-nicknames (#:os #:consfigurator.property.os) @@ -355,6 +360,7 @@ (:local-nicknames (#:service #:consfigurator.property.service) (#:apt #:consfigurator.property.apt) (#:os #:consfigurator.property.os) + (#:container #:consfigurator.property.container) (#:file #:consfigurator.property.file)) (:shadow #:deploys #:deploys. #:deploys-these #:deploys-these.) (:export #:deploys diff --git a/src/property/chroot.lisp b/src/property/chroot.lisp index d655c2b..510288a 100644 --- a/src/property/chroot.lisp +++ b/src/property/chroot.lisp @@ -58,11 +58,13 @@ (defmethod %make-child-host ((host unpreprocessed-host)) (let ((propspec (host-propspec host))) - (make-child-host :hostattrs (hostattrs host) - :propspec (make-propspec - :systems (propspec-systems propspec) - :propspec `(service:without-starting-services - ,(propspec-props propspec)))))) + (make-child-host + :hostattrs (hostattrs host) + :propspec (make-propspec + :systems (propspec-systems propspec) + :propspec `(service:without-starting-services + (container:contained :filesystem) + ,(propspec-props propspec)))))) (defproplist deploys :lisp (root host &optional additional-properties) "Like DEPLOYS with first argument `((:chroot :into ,root)), but disable diff --git a/src/property/container.lisp b/src/property/container.lisp new file mode 100644 index 0000000..2c06dbd --- /dev/null +++ b/src/property/container.lisp @@ -0,0 +1,69 @@ +;;; Consfigurator -- Lisp declarative configuration management system + +;;; Copyright (C) 2021 Sean Whitton + +;;; This file is free software; you can redistribute it and/or modify +;;; it under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3, or (at your option) +;;; any later version. + +;;; This file is distributed in the hope that it will be useful, +;;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. + +;;; You should have received a copy of the GNU General Public License +;;; along with this program. If not, see . + +(in-package :consfigurator.property.container) +(named-readtables:in-readtable :consfigurator) + +;;;; Container-related hostattrs + +;;; The main purpose of these utilities is to permit conditionalising on what +;;; things are contained, to avoid affecting the host system outside the +;;; container in undesirable ways. For example, avoiding changing the host +;;; system's hostname because the chroot is for a system with a different +;;; hostname (but still updating /etc/hostname inside the chroot). + +(defprop contained :posix (&rest contained) + "Indicate that each of CONTAINED, a list of symbols, is isolated from the host +system of this container, and so may be changed without fear of affecting the +outside host. + +Also implicitly marks this host as a container, such that property combinators +which care about what's contained will not assume that they're running outside +of any container. + +This property is usually set by properties which establish containers, like +CHROOT:OS-BOOTSTRAPPED, rather than being added to DEFHOST forms." + (:desc (format nil "~{~(~S~)~^, ~} ~:*~1{~#[are~;is~:;are~]~} contained" + contained)) + (:hostattrs (apply #'push-hostattrs 'iscontained contained))) + +(defmacro when-contained ((&rest contained) &body propapps) + "Macro property combinator. Apply each of PROPAPPS only when outside of any +container, or when each of CONTAINED, a list of symbols, is contained by this +container type." + `(when-contained* + ',contained + ,(if (cdr propapps) `(eseqprops ,@propapps) (car propapps)))) + +(define-function-property-combinator when-contained* (contained propapp) + (macrolet ((check-contained (form) + `(let ((host-contained (get-hostattrs 'iscontained))) + (when (or (not host-contained) + (loop for factor in contained + always (member factor host-contained))) + ,form)))) + (:retprop :type (propapptype propapp) + :hostattrs (lambda (&rest ignore) + (declare (ignore ignore)) + (propappattrs propapp)) + :apply (lambda (&rest ignore) + (declare (ignore ignore)) + (check-contained (propappapply propapp))) + :unapply (lambda (&rest ignore) + (declare (ignore ignore)) + (check-contained (propappunapply propapp))) + :args (cdr propapp)))) -- cgit v1.2.3