devicestate

package
v0.0.0-...-2cbce28 Latest
Warning

This package is not in the latest version of its module.
Published: Jan 25, 2025 License: GPL-3.0 Imports: 73 Imported by: 66

Documentation

Overview

Package devicestate implements the manager and state aspects responsible for the device identity and policies.

Constants

const (
	RebootHaltOp     = "halt"
	RebootPoweroffOp = "poweroff"
)

Variables

var EarlyConfig func(st *state.State, preloadGadget func() (sysconfig.Device, *gadget.Info, error)) error

EarlyConfig is a hook set by configstate that can process early configuration during managers' startup.

var ErrNoRecoverySystem = errors.New("recovery system does not exist")
var ErrNoSystems = errors.New("no systems seeds")
var ErrUnsupportedAction = errors.New("unsupported action")

Functions

func CanManageRefreshes

func CanManageRefreshes(st *state.State) bool

CanManageRefreshes returns true if a snap entitled to setting the refresh-schedule to managed is installed in the system and the relevant interface is currently connected.

TODO:

  • Move the CanManageRefreshes code into the ifstate
  • Look at the connections and find the connection for snapd-control with the managed attribute

func CreateRecoverySystem

func CreateRecoverySystem(st *state.State, label string, opts CreateRecoverySystemOptions) (chg *state.Change, err error)

CreateRecoverySystem creates a new recovery system with the given label. See CreateRecoverySystemOptions for details on the options that can be provided.

func CurrentGadgetData

func CurrentGadgetData(st *state.State, curDeviceCtx snapstate.DeviceContext) (*gadget.GadgetData, error)

CurrentGadgetData returns the GadgetData for the currently active gadget.

func DeviceCtx

func DeviceCtx(st *state.State, task *state.Task, providedDeviceCtx snapstate.DeviceContext) (snapstate.DeviceContext, error)

DeviceCtx picks a device context from state, optional task or an optionally pre-provided one. Returns ErrNoState if a model assertion is not yet known. In particular if task belongs to a remodeling change this will find the appropriate remodel context.

func InjectSetModelError

func InjectSetModelError(err error)

InjectSetModelError will trigger the selected error in the doSetModel handler. This is only useful for testing.

func InstallFinish

func InstallFinish(st *state.State, label string, onVolumes map[string]*gadget.Volume, optionalContainers *OptionalContainers) (*state.Change, error)

InstallFinish creates a change that will finish the install for the given label and volumes. This includes writing missing volume content, setting up the bootloader and installing the kernel.

func InstallSetupStorageEncryption

func InstallSetupStorageEncryption(st *state.State, label string, onVolumes map[string]*gadget.Volume) (*state.Change, error)

InstallSetupStorageEncryption creates a change that will set up the storage encryption for the install of the given label and volumes.

func Remodel

func Remodel(st *state.State, new *asserts.Model, localSnaps []LocalSnap, opts RemodelOptions) (*state.Change, error)

Remodel takes a new model assertion and generates a change that takes the device from the old to the new model or an error if the transition is not possible.

TODO:

  • Check estimated disk size delta
  • Check all relevant snaps exist in new store (need to check that even unchanged snaps are accessible)
  • Make sure this works with Core 20 as well; in the Core 20 case we must enforce the default-channels from the model as well

func RemodelingChange

func RemodelingChange(st *state.State) *state.Change

RemodelingChange returns a remodeling change in progress, if there is one.

func RemoveRecoverySystem

func RemoveRecoverySystem(st *state.State, label string) (*state.Change, error)

RemoveRecoverySystem removes the recovery system with the given label. The current recovery system cannot be removed.

func RemoveUser

func RemoveUser(st *state.State, username string, opts *RemoveUserOptions) (*auth.UserState, error)

RemoveUser removes the Linux user account with the given username.

func ResetSession

func ResetSession(st *state.State) error

ResetSession clears the device store session if any.

Types

type CreateRecoverySystemOptions

type CreateRecoverySystemOptions struct {
	// ValidationSets is a list of validation sets to use when creating the new
	// recovery system. If provided, all snaps used to create recovery system
	// will follow the constraints imposed by the validation sets. If required
	// snaps are not present on the system, and LocalSnaps is not
	// provided, then the snaps will be downloaded.
	ValidationSets []*asserts.ValidationSet

	// LocalSnaps is an optional list of snaps that will be used to create
	// the new recovery system. If provided, this list must contain any snap
	// that is not already installed that will be needed by the new recovery
	// system.
	LocalSnaps []LocalSnap

	// TestSystem is set to true if the new recovery system should be verified
	// by rebooting into the new system, prior to marking it as a valid recovery
	// system. If false, the system will immediately be considered a valid
	// recovery system.
	TestSystem bool

	// MarkDefault is set to true if the new recovery system should be marked as
	// the default recovery system.
	MarkDefault bool

	// Offline is true if the recovery system should be created without reaching
	// out to the store. Offline must be set to true if LocalSnaps is provided.
	Offline bool
}

CreateRecoverySystemOptions is the set of options that can be used with CreateRecoverySystem.

type CreatedUser

type CreatedUser struct {
	Username string
	SSHKeys  []string
}

CreatedUser holds the results from a create user operation.

func CreateKnownUsers

func CreateKnownUsers(st *state.State, sudoer bool, email string) ([]*CreatedUser, error)

CreateKnownUsers creates known users. The user details are fetched from existing system user assertions. If no email is passed, all known users will be created based on valid system user assertions. If an email is passed, only the corresponding system user assertion is used.

func CreateUser

func CreateUser(st *state.State, sudoer bool, email string, expiration time.Time) (*CreatedUser, error)

CreateUser creates a Linux user based on the specified email. The username and public SSH keys for the created account are determined from the Ubuntu store based on the email.

type DefaultRecoverySystem

type DefaultRecoverySystem struct {
	// System is the label that is the current default recovery system.
	System string `json:"system"`
	// Model is the model that the system was derived from.
	Model string `json:"model"`
	// BrandID is the brand account ID
	BrandID string `json:"brand-id"`
	// Revision is the revision of the model assertion
	Revision int `json:"revision"`
	// Timestamp is the timestamp of the model assertion
	Timestamp time.Time `json:"timestamp"`
	// TimeMadeDefault is the timestamp when the system was made the default
	TimeMadeDefault time.Time `json:"time-made-default"`
}

type DeviceManager

type DeviceManager struct {
	// contains filtered or unexported fields
}

DeviceManager is responsible for managing the device identity and device policies.

func Manager

func Manager(s *state.State, hookManager *hookstate.HookManager, runner *state.TaskRunner, newStore func(storecontext.DeviceBackend) snapstate.StoreService) (*DeviceManager, error)

Manager returns a new device manager.

func (*DeviceManager) CanStandby

func (m *DeviceManager) CanStandby() bool

func (*DeviceManager) DefaultRecoverySystem

func (m *DeviceManager) DefaultRecoverySystem() (*DefaultRecoverySystem, error)

DefaultRecoverySystem returns the default recovery system, if there is one. state.ErrNoState is returned if a default recovery system has not been set.

func (*DeviceManager) Ensure

func (m *DeviceManager) Ensure() error

Ensure implements StateManager.Ensure.

func (*DeviceManager) EnsureRecoveryKeys

func (m *DeviceManager) EnsureRecoveryKeys() (*client.SystemRecoveryKeysResponse, error)

EnsureRecoveryKeys makes sure appropriate recovery keys exist and returns them. Usually a single recovery key is created/used, but older systems might return both a recovery key for ubuntu-data and a reinstall key for ubuntu-save.

func (*DeviceManager) Model

func (m *DeviceManager) Model() (*asserts.Model, error)

Model returns the device model assertion.

func (*DeviceManager) Reboot

func (m *DeviceManager) Reboot(systemLabel, mode string) error

Reboot triggers a reboot into the given systemLabel and mode.

When called without a systemLabel and without a mode it will just trigger a regular reboot.

When called without a systemLabel but with a mode it will use the current system to enter the given mode.

Note that "recover" and "run" modes are only available for the current system.

func (*DeviceManager) Registered

func (m *DeviceManager) Registered() <-chan struct{}

Registered returns a channel that is closed when the device is known to have been registered.

func (*DeviceManager) ReloadModeenv

func (m *DeviceManager) ReloadModeenv() error

ReloadModeenv is only useful for integration testing.

func (*DeviceManager) RemoveRecoveryKeys

func (m *DeviceManager) RemoveRecoveryKeys() error

RemoveRecoveryKeys removes and disables all recovery keys.

func (*DeviceManager) RequestSystemAction

func (m *DeviceManager) RequestSystemAction(systemLabel string, action SystemAction) error

RequestSystemAction requests the provided system to be run in a given mode as specified by action. A system reboot will be requested when the request can be successfully carried out.

func (*DeviceManager) ResetToPostBootState

func (m *DeviceManager) ResetToPostBootState()

ResetToPostBootState is only useful for integration testing.

func (*DeviceManager) Serial

func (m *DeviceManager) Serial() (*asserts.Serial, error)

Serial returns the device serial assertion.

func (*DeviceManager) SignConfdbControl

func (m *DeviceManager) SignConfdbControl(groups []interface{}, revision int) (*asserts.ConfdbControl, error)

SignConfdbControl signs a confdb-control assertion using the device's key as it needs to be attested by the device.

func (*DeviceManager) StartOfOperationTime

func (m *DeviceManager) StartOfOperationTime() (time.Time, error)

StartOfOperationTime returns the time when snapd started operating, and sets it in the state when called for the first time. The StartOfOperationTime time is seed-time if available, or current time otherwise.

func (*DeviceManager) StartUp

func (m *DeviceManager) StartUp() error

StartUp implements StateStarterUp.Startup.

func (*DeviceManager) StoreContextBackend

func (m *DeviceManager) StoreContextBackend() storecontext.Backend

func (*DeviceManager) SystemAndGadgetAndEncryptionInfo

func (m *DeviceManager) SystemAndGadgetAndEncryptionInfo(wantedSystemLabel string) (*System, *gadget.Info, *install.EncryptionSupportInfo, error)

SystemAndGadgetAndEncryptionInfo returns the system details including the model assertion, gadget details and encryption info for the given system label.

func (*DeviceManager) SystemMode

func (m *DeviceManager) SystemMode(sysExpect SysExpectation) string

SystemMode returns the current mode of the system. An expectation about the system controls the returned mode when none is set explicitly, as is the case on pre-UC20 systems. In that case, with SysAny, the mode defaults to an implicit "run", thus covering pre-UC20 systems. With SysHasModeenv, as there is always an explicit mode in systems that use modeenv, no implicit default is used and thus "" is returned for pre-UC20 systems.

func (*DeviceManager) SystemModeInfo

func (m *DeviceManager) SystemModeInfo() (*SystemModeInfo, error)

SystemModeInfo returns details about the current system mode the device is in.

func (*DeviceManager) Systems

func (m *DeviceManager) Systems() ([]*System, error)

Systems lists the available recovery/seeding systems. It returns the list of systems, ErrNoSystems when no system seeds were found, or another error.

func (*DeviceManager) Unregister

func (m *DeviceManager) Unregister(opts *UnregisterOptions) error

Unregister unregisters the device, forgetting its serial, plus the additional behavior described by the UnregisterOptions.

type LocalSnap

type LocalSnap struct {
	// SideInfo is the snap.SideInfo struct that represents a local snap that
	// will be used to create a recovery system or remodel the system.
	SideInfo *snap.SideInfo

	// Path is the path on disk to a snap that will be used to create a recovery
	// system or remodel the system.
	Path string
}

LocalSnap is a pair of a snap.SideInfo and a path to the snap file on disk that is represented by the snap.SideInfo.

type OptionalContainers

type OptionalContainers struct {
	// Snaps is a list of optional snap names that can be installed.
	Snaps []string `json:"snaps,omitempty"`
	// Components is a mapping of snap names to lists of optional components
	// names that can be installed.
	Components map[string][]string `json:"components,omitempty"`
}

OptionalContainers is used to define the snaps and components that are optional in a system's model, but can be installed when installing a system.

type RebootOptions

type RebootOptions struct {
	Op string `json:"op,omitempty"`
}

RebootOptions can be attached to restart-system-to-run-mode tasks to control their restart behavior.

type RemodelKind

type RemodelKind int

RemodelKind designates a kind of remodeling.

const (
	// same brand/model, brand store
	UpdateRemodel RemodelKind = iota
	// same brand/model, different brand store
	StoreSwitchRemodel
	// different brand/model, maybe different brand store
	ReregRemodel
)

func ClassifyRemodel

func ClassifyRemodel(oldModel, newModel *asserts.Model) RemodelKind

ClassifyRemodel returns what kind of remodeling is going from oldModel to newModel.
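The three kinds can be told apart from the brand, model and store of the two model assertions. The following is an added, standalone illustration of the rule stated in the constant comments above, not snapd's own code; `modelID` and `classify` are hypothetical names and the sample values are constructed. It also reports which fields changed, which is useful to log before a remodel is accepted.

```go
package main

import "fmt"

// RemodelKind mirrors the three kinds listed on this page.
type RemodelKind int

const (
	UpdateRemodel      RemodelKind = iota // same brand/model, brand store
	StoreSwitchRemodel                    // same brand/model, different brand store
	ReregRemodel                          // different brand/model, maybe different brand store
)

// modelID is a hypothetical stand-in for the model assertion fields the
// classification depends on; it is not a snapd type.
type modelID struct{ Brand, Model, Store string }

// classify models the rule in the constant comments and returns the kind
// together with the names of the fields that differ (for audit logging).
func classify(oldM, newM modelID) (RemodelKind, []string) {
	var changed []string
	if oldM.Brand != newM.Brand {
		changed = append(changed, "brand")
	}
	if oldM.Model != newM.Model {
		changed = append(changed, "model")
	}
	if oldM.Store != newM.Store {
		changed = append(changed, "store")
	}
	switch {
	case oldM.Brand != newM.Brand || oldM.Model != newM.Model:
		return ReregRemodel, changed // device identity changes
	case oldM.Store != newM.Store:
		return StoreSwitchRemodel, changed
	}
	return UpdateRemodel, changed
}

func main() {
	cur := modelID{"acme", "gateway-1", "acme-store"} // constructed sample values
	for _, next := range []modelID{
		{"acme", "gateway-1", "acme-store"},
		{"acme", "gateway-1", "acme-store-2"},
		{"acme", "gateway-2", "acme-store-2"},
	} {
		kind, changed := classify(cur, next)
		fmt.Printf("%+v -> kind=%d changed=%v\n", next, kind, changed)
	}
}
```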

func (RemodelKind) String

func (k RemodelKind) String() string

type RemodelOptions

type RemodelOptions struct {
	// Offline is true if the remodel should be done without reaching out to the
	// store. Any snaps needed for the remodel, that are not already installed,
	// should be provided via the parameters to Remodel. Snaps that are already
	// installed will be used if they match the revisions that are required by
	// the model.
	Offline bool
}

RemodelOptions are options for Remodel.

type RemoveUserOptions

type RemoveUserOptions struct {
	Force bool
}

type SysExpectation

type SysExpectation int

const (
	// SysAny indicates any system is appropriate.
	SysAny SysExpectation = iota
	// SysHasModeenv indicates only systems with modeenv are appropriate.
	SysHasModeenv
)

type System

type System struct {
	// Current is true when the system running now was installed from that
	// seed
	Current bool
	// Label of the seed system
	Label string
	// Model assertion of the system
	Model *asserts.Model
	// Brand information
	Brand *asserts.Account
	// Actions available for this system
	Actions []SystemAction
	// DefaultRecoverySystem is true when the system is the default recovery
	// system.
	DefaultRecoverySystem bool
	// OptionalContainers is a set of snaps and components that are optional in
	// the system's model, but are available to be installed when installing this
	// system.
	OptionalContainers OptionalContainers
}

type SystemAction

type SystemAction struct {
	Title string
	Mode  string
}

type SystemModeInfo

type SystemModeInfo struct {
	Mode              string
	HasModeenv        bool
	Seeded            bool
	BootFlags         []string
	HostDataLocations []string
}

func SystemModeInfoFromState

func SystemModeInfoFromState(st *state.State) (*SystemModeInfo, error)

SystemModeInfoFromState returns details about the system mode the device is in.

type UnregisterOptions

type UnregisterOptions struct {
	NoRegistrationUntilReboot bool
}

type UserError

type UserError struct {
	Err error
}

UserError is returned when invalid or insufficient data is supplied, or if a user-assertion is not found.

func (*UserError) Error

func (e *UserError) Error() string

Directories

Path Synopsis
Package internal (of devicestate) provides functions to access and set the device state for use only by devicestate, for convenience they are also exposed via devicestatetest for use in tests.
