Skip to content

Commit

Permalink
commit: Add an API to warn but continue on files in /var
Browse files Browse the repository at this point in the history
xref coreos/rpm-ostree#4017

I want to have rpm-ostree use this API, but in order to do so
in a backwards compatible way we need a mode that just warns but
continues.
  • Loading branch information
cgwalters committed Sep 16, 2022
1 parent 3d0f33a commit c4fe832
Showing 1 changed file with 28 additions and 5 deletions.
33 changes: 28 additions & 5 deletions lib/src/commit.rs
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,7 @@ fn process_dir_recurse(root: &Dir, path: &Utf8Path, error_count: &mut i32) -> Re
Ok(validated)
}

/// Given a root filesystem, clean out empty directories and warn about
/// files in /var. /run, /tmp, and /var/tmp have their contents recursively cleaned.
pub fn prepare_ostree_commit_in(root: &Dir) -> Result<()> {
let mut error_count = 0;
fn clean_paths_in(root: &Dir) -> Result<()> {
for path in FORCE_CLEAN_PATHS {
if let Some(subdir) = root.open_dir_optional(path)? {
for entry in subdir.entries()? {
Expand All @@ -59,13 +56,34 @@ pub fn prepare_ostree_commit_in(root: &Dir) -> Result<()> {
}
}
}
Ok(())
}

fn process_var(root: &Dir, strict: bool) -> Result<()> {
let var = Utf8Path::new("var");
let mut error_count = 0;
if root.try_exists(var)? && !process_dir_recurse(root, var, &mut error_count)? {
anyhow::bail!("Found content in {var}");
if strict {
anyhow::bail!("Found content in {var}");
}
}
Ok(())
}

/// Given a root filesystem, clean out empty directories and warn about
/// files in /var. /run, /tmp, and /var/tmp have their contents recursively cleaned.
pub fn prepare_ostree_commit_in(root: &Dir) -> Result<()> {
clean_paths_in(root)?;
process_var(root, true)
}

/// Like [`prepare_ostree_commit_in`] but only emits warnings about unsupported
/// files in `/var` and will not error.
pub fn prepare_ostree_commit_in_nonstrict(root: &Dir) -> Result<()> {
clean_paths_in(root)?;
process_var(root, false)
}

/// Entrypoint to the commit procedures, initially we just
/// have one validation but we expect more in the future.
pub(crate) async fn container_commit() -> Result<()> {
Expand All @@ -87,6 +105,7 @@ mod tests {

// Handle the empty case
prepare_ostree_commit_in(td).unwrap();
prepare_ostree_commit_in_nonstrict(td).unwrap();

let var = Utf8Path::new("var");
let run = Utf8Path::new("run");
Expand Down Expand Up @@ -119,6 +138,10 @@ mod tests {
assert!(prepare_ostree_commit_in(td).is_err());
assert!(td.try_exists(var)?);

td.write(var.join("foo"), "somefile")?;
prepare_ostree_commit_in_nonstrict(td).unwrap();
assert!(td.try_exists(var)?);

let nested = Utf8Path::new("var/lib/nested");
td.create_dir_all(&nested)?;
td.write(nested.join("foo"), "test1")?;
Expand Down

0 comments on commit c4fe832

Please sign in to comment.