Commit Graph

441 Commits

Author SHA1 Message Date
nikstur 5f28ae75ea tool: atomically write to ESP
To minimize the potential for irrecoverable errors, only atomic writes
to the ESP are performed. This is implemented by first copying the file
to the destination with a `.tmp` suffix and then renaming it to the
final desintation. This is atomic because the rename operation is atomic
on POSIX platforms.

Specifically, this means that even if the system crashes during the
operation, the final desintation path will most likely be intact if it
exists at all. There are some nuances to this however. It **cannot** be
actually guaranteed that the operation was performed on the filesystem
level. However, this is the best we can do for now.

For reference:
- POSIX rename(2): https://pubs.opengroup.org/onlinepubs/9699919799/
- Rust fs::rename corresponds to rename(2) on Unix: https://doc.rust-lang.org/std/fs/fn.rename.html
- Rust fs::rename is implemented using libc's rename: https://github.com/rust-lang/rust/blob/master/library/std/src/sys/unix/fs.rs#L1397
- Renaming in libc is atomic: https://www.gnu.org/software/libc/manual/html_node/Renaming-Files.html
2023-01-29 15:31:38 +01:00
nikstur 41c7a14a80
Merge pull request #82 from nix-community/clean-up-nixos-tests
nix.tests: clean up
2023-01-29 00:10:27 +01:00
nikstur fd2e7f7a40 nix.tests: clean up
The test attributes and names are simplified and standardized. They now
roughly follow the same structure as the systemd-boot test in Nixpkgs.
Some comments are added and variable names changed to make it more clear
what they actually do.
2023-01-28 01:40:48 +01:00
nikstur 0ca25a9bf0
Merge pull request #78 from nix-community/robust-systemd-version-parsing
tool: make systemd version parsing robust
2023-01-26 21:46:03 +01:00
nikstur 247afb33a2 tool: make systemd version parsing robust
To make handling systemd versions more robust, they are parsed into a
u32 tuple instead of an f32. Additionally, some unit tests for correct
parsing and comparing of versions are added.
2023-01-26 21:30:44 +01:00
nikstur eb0ffc6b9c
Merge pull request #79 from nix-community/cleanup-test-fixtures
Cleanup test fixtures
2023-01-26 02:26:25 +01:00
nikstur efa2410292 treewide: move uefi-keys into test fixtures
To clean up the repository move the uefi keys (`pki/`) to
`nix/tests/fixtures/uefi-keys`.
2023-01-26 01:18:41 +01:00
nikstur 1970b95b68 tool: remove bootspec.json
This fixture is not necessary anymore as we have enough integration
tests.
2023-01-26 01:16:09 +01:00
nikstur 3469cefb5b
Merge pull request #76 from nix-community/smart-systemd-boot-install
tool: smarter systemd-boot install
2023-01-25 23:24:26 +01:00
nikstur cc169689f3 tool: smarter systemd-boot install
The process of installing systemd-boot is "smarter" because it now
considers a a few conditions instead of doing nothing if there is a file
at the deistination path. systemd-boot is now forcibly installed (i.e.
overwriting any file at the destination) if (1) there is no file at the
destination, OR (2) a newer version of systemd-boot is available, OR (3)
the signature of the file at the destination could not be verified.
2023-01-25 22:21:14 +01:00
nikstur a9bce14645
Merge pull request #74 from nix-community/refactor-esp-paths
tool: split esp paths
2023-01-25 00:32:07 +01:00
nikstur db75203e31 tool: split esp paths
To access paths on the ESP before or after installing generations, split
EspPaths into general EspPaths that only depend on the path to the ESP
and EspGenerationPaths which additionally depend on generation specific
information (e.g. version number and initrd filename).
2023-01-25 00:24:40 +01:00
Julian Stecklina b24aad3070
Merge pull request #69 from nix-community/refactor-tmpdir
Refactor tempdir: Add SecureTempDirExt
2023-01-21 17:56:14 +01:00
nikstur 6e452b50df tool: add SecureTempDirExt
Add an extension to TempDir that allows to create secure tempfiles. This
way, everything related to creating secure tempfiles is bundled in a
single place and can easily be reused.
2023-01-21 16:26:17 +01:00
nikstur 94a1cf055a
Merge pull request #71 from nix-community/typos
Enable Typo Checks
2023-01-21 16:18:56 +01:00
Julian Stecklina 4b50882645 flake: enable automatic typo checks 2023-01-21 10:28:02 +01:00
Julian Stecklina dd499f6642 treewide: fix typos 2023-01-21 10:27:34 +01:00
Julian Stecklina 65896e03fa
Merge pull request #62 from nix-community/rename-subprojects
Rename subprojects
2023-01-19 23:37:53 +01:00
nikstur f49b312c0a docs: simplify subproject names 2023-01-19 20:36:23 +01:00
nikstur 5bb33f3389 treewide: simplify subproject names
Lanzatool is renamed to 'tool' and lanzaboote is renamed to 'stub'.
The name of the lanzatool binary is now 'lzbt' standing for
LanZaBooteTool.
2023-01-17 21:31:14 +01:00
nikstur 2fce3c0802 treewde: simplify subproject directory names
This commit only moves the directories instead of chaning any names
inside files.
2023-01-17 21:31:14 +01:00
nikstur 76d9cb9bf9
Merge pull request #63 from nix-community/sha256-insteadof-blake3
blake3 -> sha256
2023-01-17 20:57:02 +01:00
Julian Stecklina 30d6c92583
Merge pull request #59 from nix-community/docs
Rewrite Quickstart Docs
2023-01-14 13:15:40 +01:00
nikstur 3db39f403b treewide: blake3 -> sha256
Using the sha2 crate instead of blake3 decreases the binary size of the
stub by around 50%.
2023-01-14 02:31:54 +01:00
Julian Stecklina 36717c0edf docs: rewrite quickstart 2023-01-13 10:16:09 +01:00
Julian Stecklina 367d36775d
Merge pull request #54 from nix-community/pre-commit-style
Enforce Nix Style
2023-01-10 09:27:26 +01:00
Julian Stecklina 4f14ca0197 flake: reformat to fit nixpkgs-fmt style 2023-01-08 14:42:53 +01:00
Julian Stecklina 74182c199a flake: enforce nix style via nixpkgs-fmt 2023-01-08 14:42:53 +01:00
Julian Stecklina 5aae26a63d flake: enable pre-commit hooks 2023-01-08 14:42:53 +01:00
Julian Stecklina 16d40d702d
Merge pull request #52 from nix-community/pre-commit
Switch to flake-parts
2023-01-08 10:10:02 +01:00
Julian Stecklina bed6a4b8ba flake.lock: Update
Flake lock file updates:

• Updated input 'crane':
    'github:ipetkov/crane/59b31b41a589c0a65e4a1f86b0e5eac68081468b' (2022-12-13)
  → 'github:ipetkov/crane/0144134311767fcee80213321f079a8ffa0b9cc1' (2023-01-07)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/e8ee153b1717dca9c6aa38d5cf198329480d5b41' (2022-12-23)
  → 'github:NixOS/nixpkgs/d9f73e41fd3c8e85b266bdb91cb7535600010798' (2023-01-06)
• Updated input 'rust-overlay':
    'github:oxalica/rust-overlay/905db21103d646ddc1eb81920e05180e6e2b6734' (2022-12-17)
  → 'github:oxalica/rust-overlay/802ff3314663ec7114f29a6e8b200dfc892023f8' (2023-01-07)
2023-01-07 20:25:04 +01:00
Julian Stecklina 13ee4b6a59 flake: move attributes over to flake-parts 2023-01-07 20:25:04 +01:00
Julian Stecklina e7ec7ceefd flake: add flake-parts without moving attributes
This commit adds flake-parts and does minimal enabling without moving
any of the attributes into their "proper" locations yet.
2023-01-07 20:25:04 +01:00
Ryan Lahfa b3bef69365
Merge pull request #53 from Laurent2916/master
README: word typo
2023-01-07 14:53:43 +01:00
Laureηt 3af592d714
fix: typo in README.md 2023-01-07 12:21:41 +00:00
nikstur 47085e8578
Merge pull request #51 from nix-community/special-specialized-specialisation
Lanzatool: spell specialised consistently
2023-01-06 23:33:51 +01:00
nikstur 7f235ce004 lanzatool: spell specialised consistently 2023-01-06 23:20:31 +01:00
nikstur b79dea1fca
Merge pull request #50 from nix-community/os-release
Lanzatool: generate custom os-release
2023-01-06 22:11:27 +01:00
nikstur 4f44cb70a2 lanzatool: generate custom os-release 2023-01-06 21:27:51 +01:00
nikstur 2f36f1119a
Merge pull request #49 from nix-community/fix-config-limit
Lanzatool: fix config limit
2023-01-04 22:39:20 +01:00
nikstur b6eb6c1e52 lanzatool: keep unrelated files when running gc 2023-01-04 22:29:09 +01:00
nikstur 8cd7452194
Merge pull request #48 from nix-community/improve-gc-integration-test
Lanzatool: improve gc integration test
2023-01-04 22:27:45 +01:00
Ryan Lahfa e9d911a5f5
Merge pull request #47 from nix-community/RaitoBezarius-patch-1
README: typo on quick start path
2023-01-04 02:12:29 +01:00
Ryan Lahfa 885a171734
README: typo on quick start path 2023-01-04 02:12:19 +01:00
nikstur c4e5ec7008 lanzatool: add more assertions to gc integration test 2023-01-04 01:23:13 +01:00
Julian Stecklina 03fa7d3401
Merge pull request #44 from nix-community/docs
Update README
2023-01-03 17:55:24 +01:00
Julian Stecklina 337689bbbc docs: remove stale information and add overview 2023-01-03 17:51:28 +01:00
nikstur 7afbc43195
Merge pull request #43 from nix-community/some-more-lanzatool-refactoring
lanzatool: some more refactoring
2023-01-02 00:41:13 +01:00
nikstur 1e632c0d1d lanzatool: add context to sbsing output failure 2023-01-02 00:34:01 +01:00
nikstur b592d92744 lanzatool: don't open file to read metadata 2023-01-02 00:34:01 +01:00