Documentation ¶
Overview ¶
Package devicestate implements the manager and state aspects responsible for the device identity and policies.
Index ¶
- Constants
- Variables
- func CanManageRefreshes(st *state.State) bool
- func CreateRecoverySystem(st *state.State, label string, opts CreateRecoverySystemOptions) (chg *state.Change, err error)
- func CurrentGadgetData(st *state.State, curDeviceCtx snapstate.DeviceContext) (*gadget.GadgetData, error)
- func DeviceCtx(st *state.State, task *state.Task, providedDeviceCtx snapstate.DeviceContext) (snapstate.DeviceContext, error)
- func InjectSetModelError(err error)
- func InstallFinish(st *state.State, label string, onVolumes map[string]*gadget.Volume, ...) (*state.Change, error)
- func InstallSetupStorageEncryption(st *state.State, label string, onVolumes map[string]*gadget.Volume) (*state.Change, error)
- func Remodel(st *state.State, new *asserts.Model, localSnaps []LocalSnap, ...) (*state.Change, error)
- func RemodelingChange(st *state.State) *state.Change
- func RemoveRecoverySystem(st *state.State, label string) (*state.Change, error)
- func RemoveUser(st *state.State, username string, opts *RemoveUserOptions) (*auth.UserState, error)
- func ResetSession(st *state.State) error
- type CreateRecoverySystemOptions
- type CreatedUser
- type DefaultRecoverySystem
- type DeviceManager
- func (m *DeviceManager) CanStandby() bool
- func (m *DeviceManager) DefaultRecoverySystem() (*DefaultRecoverySystem, error)
- func (m *DeviceManager) Ensure() error
- func (m *DeviceManager) EnsureRecoveryKeys() (*client.SystemRecoveryKeysResponse, error)
- func (m *DeviceManager) Model() (*asserts.Model, error)
- func (m *DeviceManager) Reboot(systemLabel, mode string) error
- func (m *DeviceManager) Registered() <-chan struct{}
- func (m *DeviceManager) ReloadModeenv() error
- func (m *DeviceManager) RemoveRecoveryKeys() error
- func (m *DeviceManager) RequestSystemAction(systemLabel string, action SystemAction) error
- func (m *DeviceManager) ResetToPostBootState()
- func (m *DeviceManager) Serial() (*asserts.Serial, error)
- func (m *DeviceManager) SignConfdbControl(groups []interface{}, revision int) (*asserts.ConfdbControl, error)
- func (m *DeviceManager) StartOfOperationTime() (time.Time, error)
- func (m *DeviceManager) StartUp() error
- func (m *DeviceManager) StoreContextBackend() storecontext.Backend
- func (m *DeviceManager) SystemAndGadgetAndEncryptionInfo(wantedSystemLabel string) (*System, *gadget.Info, *install.EncryptionSupportInfo, error)
- func (m *DeviceManager) SystemMode(sysExpect SysExpectation) string
- func (m *DeviceManager) SystemModeInfo() (*SystemModeInfo, error)
- func (m *DeviceManager) Systems() ([]*System, error)
- func (m *DeviceManager) Unregister(opts *UnregisterOptions) error
- type LocalSnap
- type OptionalContainers
- type RebootOptions
- type RemodelKind
- type RemodelOptions
- type RemoveUserOptions
- type SysExpectation
- type System
- type SystemAction
- type SystemModeInfo
- type UnregisterOptions
- type UserError
Constants ¶
const ( RebootHaltOp = "halt" RebootPoweroffOp = "poweroff" )
Variables ¶
var EarlyConfig func(st *state.State, preloadGadget func() (sysconfig.Device, *gadget.Info, error)) error
EarlyConfig is a hook set by configstate that can process early configuration during managers' startup.
var ErrNoRecoverySystem = errors.New("recovery system does not exist")
var ErrNoSystems = errors.New("no systems seeds")
var ErrUnsupportedAction = errors.New("unsupported action")
Functions ¶
func CanManageRefreshes ¶
CanManageRefreshes returns true if a snap entitled to setting the refresh-schedule to managed is installed in the system and the relevant interface is currently connected.
TODO:
- Move the CanManageRefreshes code into the ifstate
- Look at the connections and find the connection for snapd-control with the managed attribute
func CreateRecoverySystem ¶
func CreateRecoverySystem(st *state.State, label string, opts CreateRecoverySystemOptions) (chg *state.Change, err error)
CreateRecoverySystem creates a new recovery system with the given label. See CreateRecoverySystemOptions for details on the options that can be provided.
func CurrentGadgetData ¶
func CurrentGadgetData(st *state.State, curDeviceCtx snapstate.DeviceContext) (*gadget.GadgetData, error)
CurrentGadgetData returns the GadgetData for the currently active gadget.
func DeviceCtx ¶
func DeviceCtx(st *state.State, task *state.Task, providedDeviceCtx snapstate.DeviceContext) (snapstate.DeviceContext, error)
DeviceCtx picks a device context from state, optional task or an optionally pre-provided one. Returns ErrNoState if a model assertion is not yet known. In particular if task belongs to a remodeling change this will find the appropriate remodel context.
func InjectSetModelError ¶
func InjectSetModelError(err error)
InjectSetModelError will trigger the selected error in the doSetModel handler. This is only useful for testing.
func InstallFinish ¶
func InstallFinish(st *state.State, label string, onVolumes map[string]*gadget.Volume, optionalContainers *OptionalContainers) (*state.Change, error)
InstallFinish creates a change that will finish the install for the given label and volumes. This includes writing missing volume content, seting up the bootloader and installing the kernel.
func InstallSetupStorageEncryption ¶
func InstallSetupStorageEncryption(st *state.State, label string, onVolumes map[string]*gadget.Volume) (*state.Change, error)
InstallSetupStorageEncryption creates a change that will setup the storage encryption for the install of the given label and volumes.
func Remodel ¶
func Remodel(st *state.State, new *asserts.Model, localSnaps []LocalSnap, opts RemodelOptions) (*state.Change, error)
Remodel takes a new model assertion and generates a change that takes the device from the old to the new model or an error if the transition is not possible.
TODO:
- Check estimated disk size delta
- Check all relevant snaps exist in new store (need to check that even unchanged snaps are accessible)
- Make sure this works with Core 20 as well, in the Core 20 case we must enforce the default-channels from the model as well
func RemodelingChange ¶
RemodelingChange returns a remodeling change in progress, if there is one
func RemoveRecoverySystem ¶
RemoveRecoverySystem removes the recovery system with the given label. The current recovery system cannot be removed.
func RemoveUser ¶
RemoveUser removes linux user account of passed username.
func ResetSession ¶
ResetSession clears the device store session if any.
Types ¶
type CreateRecoverySystemOptions ¶
type CreateRecoverySystemOptions struct { // ValidationSets is a list of validation sets to use when creating the new // recovery system. If provided, all snaps used to create recovery system // will follow the constraints imposed by the validation sets. If required // snaps are not present on the system, and LocalSnapSideInfos is not // provided, then the snaps will be downloaded. ValidationSets []*asserts.ValidationSet // LocalSnaps is an optional list of snaps that will be used to create // the new recovery system. If provided, this list must contain any snap // that is not already installed that will be needed by the new recovery // system. LocalSnaps []LocalSnap // TestSystem is set to true if the new recovery system should be verified // by rebooting into the new system, prior to marking it as a valid recovery // system. If false, the system will immediately be considered a valid // recovery system. TestSystem bool // MarkDefault is set to true if the new recovery system should be marked as // the default recovery system. MarkDefault bool // Offline is true if the recovery system should be created without reaching // out to the store. Offline must be set to true if LocalSnaps is provided. Offline bool }
CreateRecoverySystemOptions is the set of options that can be used with CreateRecoverySystem.
type CreatedUser ¶
CreatedUser holds the results from a create user operation.
func CreateKnownUsers ¶
CreateKnownUsers creates known users. The user details are fetched from existing system user assertions. If no email is passed, all known users will be created based on valid system user assertions. If an email is passed, only the corresponding system user assertion is used.
func CreateUser ¶
func CreateUser(st *state.State, sudoer bool, email string, expiration time.Time) (*CreatedUser, error)
CreateUser creates a Linux user based on the specified email. The username and public ssh keys for the created account are determined from Ubuntu store based on the email.
type DefaultRecoverySystem ¶
type DefaultRecoverySystem struct { // System is the label that is the current default recovery system. System string `json:"system"` // Model is the model that the system was derived from. Model string `json:"model"` // BrandID is the brand account ID BrandID string `json:"brand-id"` // Revision is the revision of the model assertion Revision int `json:"revision"` // Timestamp is the timestamp of the model assertion Timestamp time.Time `json:"timestamp"` // TimeMadeDefault is the timestamp when the system was made the default TimeMadeDefault time.Time `json:"time-made-default"` }
type DeviceManager ¶
type DeviceManager struct {
// contains filtered or unexported fields
}
DeviceManager is responsible for managing the device identity and device policies.
func Manager ¶
func Manager(s *state.State, hookManager *hookstate.HookManager, runner *state.TaskRunner, newStore func(storecontext.DeviceBackend) snapstate.StoreService) (*DeviceManager, error)
Manager returns a new device manager.
func (*DeviceManager) CanStandby ¶
func (m *DeviceManager) CanStandby() bool
func (*DeviceManager) DefaultRecoverySystem ¶
func (m *DeviceManager) DefaultRecoverySystem() (*DefaultRecoverySystem, error)
DefaultRecoverySystem returns the default recovery system, if there is one. state.ErrNoState is returned if a default recovery system has not been set.
func (*DeviceManager) Ensure ¶
func (m *DeviceManager) Ensure() error
Ensure implements StateManager.Ensure.
func (*DeviceManager) EnsureRecoveryKeys ¶
func (m *DeviceManager) EnsureRecoveryKeys() (*client.SystemRecoveryKeysResponse, error)
EnsureRecoveryKeys makes sure appropriate recovery keys exist and returns them. Usually a single recovery key is created/used, but older systems might return both a recovery key for ubuntu-data and a reinstall key for ubuntu-save.
func (*DeviceManager) Model ¶
func (m *DeviceManager) Model() (*asserts.Model, error)
Model returns the device model assertion.
func (*DeviceManager) Reboot ¶
func (m *DeviceManager) Reboot(systemLabel, mode string) error
Reboot triggers a reboot into the given systemLabel and mode.
When called without a systemLabel and without a mode it will just trigger a regular reboot.
When called without a systemLabel but with a mode it will use the current system to enter the given mode.
Note that "recover" and "run" modes are only available for the current system.
func (*DeviceManager) Registered ¶
func (m *DeviceManager) Registered() <-chan struct{}
Registered returns a channel that is closed when the device is known to have been registered.
func (*DeviceManager) ReloadModeenv ¶
func (m *DeviceManager) ReloadModeenv() error
ReloadModeenv is only useful for integration testing
func (*DeviceManager) RemoveRecoveryKeys ¶
func (m *DeviceManager) RemoveRecoveryKeys() error
RemoveRecoveryKeys removes and disables all recovery keys.
func (*DeviceManager) RequestSystemAction ¶
func (m *DeviceManager) RequestSystemAction(systemLabel string, action SystemAction) error
RequestSystemAction requests the provided system to be run in a given mode as specified by action. A system reboot will be requested when the request can be successfully carried out.
func (*DeviceManager) ResetToPostBootState ¶
func (m *DeviceManager) ResetToPostBootState()
ResetToPostBootState is only useful for integration testing.
func (*DeviceManager) Serial ¶
func (m *DeviceManager) Serial() (*asserts.Serial, error)
Serial returns the device serial assertion.
func (*DeviceManager) SignConfdbControl ¶
func (m *DeviceManager) SignConfdbControl(groups []interface{}, revision int) (*asserts.ConfdbControl, error)
SignConfdbControl signs a confdb-control assertion using the device's key as it needs to be attested by the device.
func (*DeviceManager) StartOfOperationTime ¶
func (m *DeviceManager) StartOfOperationTime() (time.Time, error)
StartOfOperationTime returns the time when snapd started operating, and sets it in the state when called for the first time. The StartOfOperationTime time is seed-time if available, or current time otherwise.
func (*DeviceManager) StartUp ¶
func (m *DeviceManager) StartUp() error
StartUp implements StateStarterUp.Startup.
func (*DeviceManager) StoreContextBackend ¶
func (m *DeviceManager) StoreContextBackend() storecontext.Backend
func (*DeviceManager) SystemAndGadgetAndEncryptionInfo ¶
func (m *DeviceManager) SystemAndGadgetAndEncryptionInfo(wantedSystemLabel string) (*System, *gadget.Info, *install.EncryptionSupportInfo, error)
SystemAndGadgetAndEncryptionInfo return the system details including the model assertion, gadget details and encryption info for the given system label.
func (*DeviceManager) SystemMode ¶
func (m *DeviceManager) SystemMode(sysExpect SysExpectation) string
SystemMode returns the current mode of the system. An expectation about the system controls the returned mode when none is set explicitly, as it's the case on pre-UC20 systems. In which case, with SysAny, the mode defaults to implicit "run", thus covering pre-UC20 systems. With SysHasModeeenv, as there is always an explicit mode in systems that use modeenv, no implicit default is used and thus "" is returned for pre-UC20 systems.
func (*DeviceManager) SystemModeInfo ¶
func (m *DeviceManager) SystemModeInfo() (*SystemModeInfo, error)
SystemModeInfo returns details about the current system mode the device is in.
func (*DeviceManager) Systems ¶
func (m *DeviceManager) Systems() ([]*System, error)
Systems list the available recovery/seeding systems. Returns the list of systems, ErrNoSystems when no systems seeds were found or other error.
func (*DeviceManager) Unregister ¶
func (m *DeviceManager) Unregister(opts *UnregisterOptions) error
Unregister unregisters the device forgetting its serial plus the additional behavior described by the UnregisterOptions
type LocalSnap ¶
type LocalSnap struct { // SideInfo is the snap.SideInfo struct that represents a local snap that // will be used to create a recovery system or remodel the system. SideInfo *snap.SideInfo // Path is the path on disk to a snap that will be used to create a recovery // system or remodel the system. Path string }
LocalSnap is a pair of a snap.SideInfo and a path to the snap file on disk that is represented by the snap.SideInfo.
type OptionalContainers ¶
type OptionalContainers struct { // Snaps is a list of optional snap names that can be installed. Snaps []string `json:"snaps,omitempty"` // Components is a mapping of snap names to lists of optional components // names that can be installed. Components map[string][]string `json:"components,omitempty"` }
OptionalContainers is used to define the snaps and components that are optional in a system's model, but can be installed when installing a system.
type RebootOptions ¶
type RebootOptions struct {
Op string `json:"op,omitempty"`
}
RebootOptions can be attached to restart-system-to-run-mode tasks to control their restart behavior.
type RemodelKind ¶
type RemodelKind int
RemodelKind designates a kind of remodeling.
const ( // same brand/model, brand store UpdateRemodel RemodelKind = iota // same brand/model, different brand store StoreSwitchRemodel // different brand/model, maybe different brand store ReregRemodel )
func ClassifyRemodel ¶
func ClassifyRemodel(oldModel, newModel *asserts.Model) RemodelKind
ClassifyRemodel returns what kind of remodeling is going from oldModel to newModel.
func (RemodelKind) String ¶
func (k RemodelKind) String() string
type RemodelOptions ¶
type RemodelOptions struct { // Offline is true if the remodel should be done without reaching out to the // store. Any snaps needed for the remodel, that are not already installed, // should be provided via the parameters to Remodel. Snaps that are already // installed will be used if they match the revisions that are required by // the model. Offline bool }
RemodelOptions are options for Remodel.
type RemoveUserOptions ¶
type RemoveUserOptions struct {
Force bool
}
type SysExpectation ¶
type SysExpectation int
const ( // SysAny indicates any system is appropriate. SysAny SysExpectation = iota // SysHasModeenv indicates only systems with modeenv are appropriate. SysHasModeenv )
type System ¶
type System struct { // Current is true when the system running now was installed from that // seed Current bool // Label of the seed system Label string // Model assertion of the system Model *asserts.Model // Brand information Brand *asserts.Account // Actions available for this system Actions []SystemAction // DefaultRecoverySystem is true when the system is the default recovery // system. DefaultRecoverySystem bool // OptionalContainers is a set of snaps and components that are optional in // the system's model, but are available to be installed when installing this // system. OptionalContainers OptionalContainers }
type SystemAction ¶
type SystemModeInfo ¶
type SystemModeInfo struct { Mode string HasModeenv bool Seeded bool BootFlags []string HostDataLocations []string }
func SystemModeInfoFromState ¶
func SystemModeInfoFromState(st *state.State) (*SystemModeInfo, error)
SystemModeInfoFromState returns details about the system mode the device is in.
type UnregisterOptions ¶
type UnregisterOptions struct {
NoRegistrationUntilReboot bool
}
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
Package internal (of devicestate) provides functions to access and set the device state for use only by devicestate, for convenience they are also exposed via devicestatetest for use in tests.
|
Package internal (of devicestate) provides functions to access and set the device state for use only by devicestate, for convenience they are also exposed via devicestatetest for use in tests. |