summaryrefslogtreecommitdiff
path: root/src/grp-initprogs/systemd-update-done
diff options
context:
space:
mode:
Diffstat (limited to 'src/grp-initprogs/systemd-update-done')
-rw-r--r--src/grp-initprogs/systemd-update-done/Makefile34
-rw-r--r--src/grp-initprogs/systemd-update-done/systemd-update-done.service.in21
-rw-r--r--src/grp-initprogs/systemd-update-done/systemd-update-done.service.xml97
-rw-r--r--src/grp-initprogs/systemd-update-done/update-done.c115
4 files changed, 267 insertions, 0 deletions
diff --git a/src/grp-initprogs/systemd-update-done/Makefile b/src/grp-initprogs/systemd-update-done/Makefile
new file mode 100644
index 0000000000..258828924a
--- /dev/null
+++ b/src/grp-initprogs/systemd-update-done/Makefile
@@ -0,0 +1,34 @@
+# -*- Mode: makefile; indent-tabs-mode: t -*-
+#
+# This file is part of systemd.
+#
+# Copyright 2010-2012 Lennart Poettering
+# Copyright 2010-2012 Kay Sievers
+# Copyright 2013 Zbigniew Jędrzejewski-Szmek
+# Copyright 2013 David Strauss
+# Copyright 2016 Luke Shumaker
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+#
+# systemd is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with systemd; If not, see <http://www.gnu.org/licenses/>.
+include $(dir $(lastword $(MAKEFILE_LIST)))/../../../config.mk
+include $(topsrcdir)/build-aux/Makefile.head.mk
+
+rootlibexec_PROGRAMS += systemd-update-done
+
+systemd_update_done_SOURCES = \
+ src/update-done/update-done.c
+
+systemd_update_done_LDADD = \
+ libsystemd-shared.la
+
+include $(topsrcdir)/build-aux/Makefile.tail.mk
diff --git a/src/grp-initprogs/systemd-update-done/systemd-update-done.service.in b/src/grp-initprogs/systemd-update-done/systemd-update-done.service.in
new file mode 100644
index 0000000000..ec7d906392
--- /dev/null
+++ b/src/grp-initprogs/systemd-update-done/systemd-update-done.service.in
@@ -0,0 +1,21 @@
+# This file is part of systemd.
+#
+# systemd is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or
+# (at your option) any later version.
+
+[Unit]
+Description=Update is Completed
+Documentation=man:systemd-update-done.service(8)
+DefaultDependencies=no
+Conflicts=shutdown.target
+After=local-fs.target
+Before=sysinit.target shutdown.target
+ConditionNeedsUpdate=|/etc
+ConditionNeedsUpdate=|/var
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@rootlibexecdir@/systemd-update-done
diff --git a/src/grp-initprogs/systemd-update-done/systemd-update-done.service.xml b/src/grp-initprogs/systemd-update-done/systemd-update-done.service.xml
new file mode 100644
index 0000000000..a2dad39f01
--- /dev/null
+++ b/src/grp-initprogs/systemd-update-done/systemd-update-done.service.xml
@@ -0,0 +1,97 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!--
+ This file is part of systemd.
+
+ Copyright 2014 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+<refentry id="systemd-update-done.service">
+
+ <refentryinfo>
+ <title>systemd-update-done.service</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-update-done.service</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-update-done.service</refname>
+ <refname>systemd-update-done</refname>
+ <refpurpose>Mark <filename>/etc</filename> and <filename>/var</filename> fully updated</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>systemd-update-done.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-update-done</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-update-done.service</filename> is a
+ service that is invoked as part of the first boot after the vendor
+ operating system resources in <filename>/usr</filename> have been
+ updated. This is useful to implement offline updates of
+ <filename>/usr</filename> which might require updates to
+ <filename>/etc</filename> or <filename>/var</filename> on the
+ following boot.</para>
+
+ <para><filename>systemd-update-done.service</filename> updates the
+ file modification time (mtime) of the stamp files
+ <filename>/etc/.updated</filename> and
+ <filename>/var/.updated</filename> to the modification time of the
+ <filename>/usr</filename> directory, unless the stamp files are
+ already newer.</para>
+
+ <para>Services that shall run after offline upgrades of
+ <filename>/usr</filename> should order themselves before
+ <filename>systemd-update-done.service</filename>, and use the
+ <varname>ConditionNeedsUpdate=</varname> (see
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
+ condition to make sure to run when <filename>/etc</filename> or
+ <filename>/var</filename> are older than <filename>/usr</filename>
+ according to the modification times of the files described above.
+ This requires that updates to <filename>/usr</filename> are always
+ followed by an update of the modification time of
+ <filename>/usr</filename>, for example by invoking
+ <citerefentry project='man-pages'><refentrytitle>touch</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ on it.</para>
+
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>touch</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/src/grp-initprogs/systemd-update-done/update-done.c b/src/grp-initprogs/systemd-update-done/update-done.c
new file mode 100644
index 0000000000..39d19ec048
--- /dev/null
+++ b/src/grp-initprogs/systemd-update-done/update-done.c
@@ -0,0 +1,115 @@
+/***
+ This file is part of systemd.
+
+ Copyright 2014 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include "basic/fd-util.h"
+#include "basic/io-util.h"
+#include "basic/selinux-util.h"
+#include "basic/util.h"
+
+#define MESSAGE \
+ "This file was created by systemd-update-done. Its only \n" \
+ "purpose is to hold a timestamp of the time this directory\n" \
+ "was updated. See systemd-update-done.service(8).\n"
+
+static int apply_timestamp(const char *path, struct timespec *ts) {
+ struct timespec twice[2] = {
+ *ts,
+ *ts
+ };
+ struct stat st;
+
+ assert(path);
+ assert(ts);
+
+ if (stat(path, &st) >= 0) {
+ /* Is the timestamp file already newer than the OS? If
+ * so, there's nothing to do. We ignore the nanosecond
+ * component of the timestamp, since some file systems
+ * do not support any better accuracy than 1s and we
+ * have no way to identify the accuracy
+ * available. Most notably ext4 on small disks (where
+ * 128 byte inodes are used) does not support better
+ * accuracy than 1s. */
+ if (st.st_mtim.tv_sec > ts->tv_sec)
+ return 0;
+
+ /* It is older? Then let's update it */
+ if (utimensat(AT_FDCWD, path, twice, AT_SYMLINK_NOFOLLOW) < 0) {
+
+ if (errno == EROFS)
+ return log_debug("Can't update timestamp file %s, file system is read-only.", path);
+
+ return log_error_errno(errno, "Failed to update timestamp on %s: %m", path);
+ }
+
+ } else if (errno == ENOENT) {
+ _cleanup_close_ int fd = -1;
+ int r;
+
+ /* The timestamp file doesn't exist yet? Then let's create it. */
+
+ r = mac_selinux_create_file_prepare(path, S_IFREG);
+ if (r < 0)
+ return log_error_errno(r, "Failed to set SELinux context for %s: %m", path);
+
+ fd = open(path, O_CREAT|O_EXCL|O_WRONLY|O_TRUNC|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644);
+ mac_selinux_create_file_clear();
+
+ if (fd < 0) {
+ if (errno == EROFS)
+ return log_debug("Can't create timestamp file %s, file system is read-only.", path);
+
+ return log_error_errno(errno, "Failed to create timestamp file %s: %m", path);
+ }
+
+ (void) loop_write(fd, MESSAGE, strlen(MESSAGE), false);
+
+ if (futimens(fd, twice) < 0)
+ return log_error_errno(errno, "Failed to update timestamp on %s: %m", path);
+ } else
+ log_error_errno(errno, "Failed to stat() timestamp file %s: %m", path);
+
+ return 0;
+}
+
+int main(int argc, char *argv[]) {
+ struct stat st;
+ int r, q = 0;
+
+ log_set_target(LOG_TARGET_AUTO);
+ log_parse_environment();
+ log_open();
+
+ if (stat("/usr", &st) < 0) {
+ log_error_errno(errno, "Failed to stat /usr: %m");
+ return EXIT_FAILURE;
+ }
+
+ r = mac_selinux_init();
+ if (r < 0) {
+ log_error_errno(r, "SELinux setup failed: %m");
+ goto finish;
+ }
+
+ r = apply_timestamp("/etc/.updated", &st.st_mtim);
+ q = apply_timestamp("/var/.updated", &st.st_mtim);
+
+finish:
+ return r < 0 || q < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+}