add support for pre and post commit hooks

This allows for instance integration of etckeeper

[TT: Reorganized code a bit, and modified to use single
directory commit_hooks.d with argument for script of stage.]
cute-signatures
Henrik Riomar 2017-02-03 00:37:23 +01:00 committed by Timo Teräs
parent 28a9dcda56
commit 349c61c961
6 changed files with 77 additions and 32 deletions

View File

@ -219,6 +219,7 @@ int apk_db_write_config(struct apk_database *db);
int apk_db_permanent(struct apk_database *db); int apk_db_permanent(struct apk_database *db);
int apk_db_check_world(struct apk_database *db, struct apk_dependency_array *world); int apk_db_check_world(struct apk_database *db, struct apk_dependency_array *world);
int apk_db_fire_triggers(struct apk_database *db); int apk_db_fire_triggers(struct apk_database *db);
int apk_db_run_script(struct apk_database *db, char *fn, char **argv);
void apk_db_update_directory_permissions(struct apk_database *db); void apk_db_update_directory_permissions(struct apk_database *db);
struct apk_package *apk_db_pkg_add(struct apk_database *db, struct apk_package *pkg); struct apk_package *apk_db_pkg_add(struct apk_database *db, struct apk_package *pkg);

View File

@ -179,11 +179,8 @@ static int audit_directory_tree_item(void *ctx, int dirfd, const char *name)
struct apk_file_info fi; struct apk_file_info fi;
int reason = 0; int reason = 0;
if (bdir.len + bent.len + 1 >= sizeof(atctx->path)) if (bdir.len + bent.len + 1 >= sizeof(atctx->path)) return 0;
return -ENOMEM; if (apk_fileinfo_get(dirfd, name, APK_FI_NOFOLLOW, &fi) < 0) return 0;
if (apk_fileinfo_get(dirfd, name, APK_FI_NOFOLLOW, &fi) < 0)
return -EPERM;
memcpy(&atctx->path[atctx->pathlen], bent.ptr, bent.len); memcpy(&atctx->path[atctx->pathlen], bent.ptr, bent.len);
atctx->pathlen += bent.len; atctx->pathlen += bent.len;
@ -273,7 +270,7 @@ done:
apk_db_dir_unref(db, child, FALSE); apk_db_dir_unref(db, child, FALSE);
atctx->pathlen -= bent.len; atctx->pathlen -= bent.len;
return reason < 0 ? reason : 0; return 0;
} }
static int audit_directory_tree(struct audit_tree_ctx *atctx, int dirfd) static int audit_directory_tree(struct audit_tree_ctx *atctx, int dirfd)

View File

@ -216,6 +216,40 @@ static void run_triggers(struct apk_database *db, struct apk_changeset *changese
} }
} }
#define PRE_COMMIT_HOOK 0
#define POST_COMMIT_HOOK 1
struct apk_commit_hook {
struct apk_database *db;
int type;
};
static int run_commit_hook(void *ctx, int dirfd, const char *file)
{
static char *const commit_hook_str[] = { "pre-commit", "post-commit" };
struct apk_commit_hook *hook = (struct apk_commit_hook *) ctx;
struct apk_database *db = hook->db;
char fn[PATH_MAX], *argv[] = { fn, (char *) commit_hook_str[hook->type], NULL };
if ((apk_flags & (APK_NO_SCRIPTS | APK_SIMULATE)) != 0)
return 0;
snprintf(fn, sizeof(fn), "etc/apk/commit_hooks.d" "/%s", file);
if (apk_verbosity >= 2) apk_message("Executing: %s", fn);
if (apk_db_run_script(db, fn, argv) < 0 && hook->type == PRE_COMMIT_HOOK)
return -1;
return 0;
}
static int run_commit_hooks(struct apk_database *db, int type)
{
struct apk_commit_hook hook = { .db = db, .type = type };
return apk_dir_foreach_file(openat(db->root_fd, "etc/apk/commit_hooks.d", O_RDONLY | O_CLOEXEC),
run_commit_hook, &hook);
}
int apk_solver_commit_changeset(struct apk_database *db, int apk_solver_commit_changeset(struct apk_database *db,
struct apk_changeset *changeset, struct apk_changeset *changeset,
struct apk_dependency_array *world) struct apk_dependency_array *world)
@ -278,6 +312,9 @@ int apk_solver_commit_changeset(struct apk_database *db,
} }
} }
if (run_commit_hooks(db, PRE_COMMIT_HOOK) < 0)
return -1;
/* Go through changes */ /* Go through changes */
foreach_array_item(change, changeset->changes) { foreach_array_item(change, changeset->changes) {
r = change->old_pkg && r = change->old_pkg &&
@ -308,6 +345,7 @@ int apk_solver_commit_changeset(struct apk_database *db,
all_done: all_done:
apk_dependency_array_copy(&db->world, world); apk_dependency_array_copy(&db->world, world);
apk_db_write_config(db); apk_db_write_config(db);
run_commit_hooks(db, POST_COMMIT_HOOK);
if (!db->performing_self_upgrade) { if (!db->performing_self_upgrade) {
if (errors) if (errors)
@ -328,7 +366,6 @@ all_done:
db->installed.stats.packages); db->installed.stats.packages);
} }
} }
return errors; return errors;
} }

View File

@ -13,6 +13,7 @@
#include <stdio.h> #include <stdio.h>
#include <fcntl.h> #include <fcntl.h>
#include <mntent.h> #include <mntent.h>
#include <libgen.h>
#include <limits.h> #include <limits.h>
#include <unistd.h> #include <unistd.h>
#include <malloc.h> #include <malloc.h>
@ -1877,6 +1878,34 @@ int apk_db_fire_triggers(struct apk_database *db)
return db->pending_triggers; return db->pending_triggers;
} }
int apk_db_run_script(struct apk_database *db, char *fn, char **argv)
{
int status;
pid_t pid;
static char * const environment[] = {
"PATH=/usr/sbin:/usr/bin:/sbin:/bin",
NULL
};
pid = fork();
if (pid == -1) {
apk_error("%s: fork: %s", basename(fn), strerror(errno));
return -2;
}
if (pid == 0) {
umask(0022);
if (fchdir(db->root_fd) == 0 && chroot(".") == 0)
execve(fn, argv, environment);
exit(127); /* should not get here */
}
waitpid(pid, &status, 0);
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
apk_error("%s: script exited with error %d", basename(fn), WEXITSTATUS(status));
return -1;
}
return 0;
}
static int update_permissions(apk_hash_item item, void *ctx) static int update_permissions(apk_hash_item item, void *ctx)
{ {
struct apk_database *db = (struct apk_database *) ctx; struct apk_database *db = (struct apk_database *) ctx;

View File

@ -741,6 +741,7 @@ int apk_dir_foreach_file(int dirfd, apk_dir_file_cb cb, void *ctx)
{ {
struct dirent *de; struct dirent *de;
DIR *dir; DIR *dir;
int ret = 0;
if (dirfd < 0) if (dirfd < 0)
return -1; return -1;
@ -759,11 +760,11 @@ int apk_dir_foreach_file(int dirfd, apk_dir_file_cb cb, void *ctx)
(de->d_name[1] == '.' && de->d_name[2] == 0)) (de->d_name[1] == '.' && de->d_name[2] == 0))
continue; continue;
} }
cb(ctx, dirfd, de->d_name); ret = cb(ctx, dirfd, de->d_name);
if (ret) break;
} }
closedir(dir); closedir(dir);
return ret;
return 0;
} }
struct apk_istream *apk_istream_from_file_gz(int atfd, const char *file) struct apk_istream *apk_istream_from_file_gz(int atfd, const char *file)

View File

@ -979,14 +979,9 @@ void apk_ipkg_run_script(struct apk_installed_package *ipkg,
struct apk_database *db, struct apk_database *db,
unsigned int type, char **argv) unsigned int type, char **argv)
{ {
static char * const environment[] = {
"PATH=/usr/sbin:/usr/bin:/sbin:/bin",
NULL
};
struct apk_package *pkg = ipkg->pkg; struct apk_package *pkg = ipkg->pkg;
char fn[PATH_MAX]; char fn[PATH_MAX];
int fd, status, root_fd = db->root_fd; int fd, root_fd = db->root_fd;
pid_t pid;
if (type >= APK_SCRIPT_MAX || ipkg->script[type].ptr == NULL) if (type >= APK_SCRIPT_MAX || ipkg->script[type].ptr == NULL)
return; return;
@ -1015,23 +1010,8 @@ void apk_ipkg_run_script(struct apk_installed_package *ipkg,
} }
close(fd); close(fd);
pid = fork(); if (apk_db_run_script(db, fn, argv) < 0)
if (pid == -1)
goto error;
if (pid == 0) {
umask(0022);
if (fchdir(root_fd) == 0 && chroot(".") == 0)
execve(fn, argv, environment);
exit(1);
}
waitpid(pid, &status, 0);
unlinkat(root_fd, fn, 0);
apk_id_cache_reset(&db->id_cache);
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
apk_error("%s: script exited with error %d", &fn[15], WEXITSTATUS(status));
ipkg->broken_script = 1; ipkg->broken_script = 1;
}
return; return;
error: error:
apk_error("%s: failed to execute: %s", &fn[15], apk_error_str(errno)); apk_error("%s: failed to execute: %s", &fn[15], apk_error_str(errno));