1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
/*
Copyright 2024 Northern.tech AS
This file is part of CFEngine 3 - written and maintained by Northern.tech AS.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; version 3.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
To the extent this program is licensed as part of the Enterprise
versions of CFEngine, the applicable Commercial Open Source License
(COSL) may apply to this file if you as a licensee so wish it. See
included file COSL.txt.
*/
#include <verify_new_packages.h>
#include <package_module.h>
#include <logging.h>
#include <string_lib.h>
#include <locks.h>
#include <ornaments.h>
#include <promises.h> /* PromiseRef */
static bool NewPackagePromiseSanityCheck(const Attributes *a)
{
assert(a != NULL);
if (!a->new_packages.module_body || !a->new_packages.module_body->name)
{
Log(LOG_LEVEL_ERR, "Can not find package module body in policy.");
return false;
}
if (a->new_packages.module_body->updates_ifelapsed == CF_NOINT ||
a->new_packages.module_body->installed_ifelapsed == CF_NOINT)
{
Log(LOG_LEVEL_ERR,
"Invalid or missing arguments in package_module body '%s': "
"query_installed_ifelapsed = %d query_updates_ifelapsed = %d",
a->new_packages.module_body->name,
a->new_packages.module_body->installed_ifelapsed,
a->new_packages.module_body->updates_ifelapsed);
return false;
return false;
}
if (a->new_packages.package_policy == NEW_PACKAGE_ACTION_NONE)
{
Log(LOG_LEVEL_ERR, "Unsupported package policy in package promise.");
return false;
}
return true;
}
PromiseResult HandleNewPackagePromiseType(EvalContext *ctx, const Promise *pp, const Attributes *a)
{
assert(a != NULL);
Log(LOG_LEVEL_DEBUG, "New package promise handler");
if (!NewPackagePromiseSanityCheck(a))
{
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a,
"New package promise failed sanity check.");
return PROMISE_RESULT_FAIL;
}
PromiseBanner(ctx, pp);
PackagePromiseGlobalLock global_lock = AcquireGlobalPackagePromiseLock(ctx);
CfLock package_promise_lock;
char promise_lock[CF_BUFSIZE];
snprintf(promise_lock, sizeof(promise_lock), "new-package-%s-%s",
pp->promiser, a->new_packages.module_body->name);
if (global_lock.g_lock.lock == NULL)
{
Log(LOG_LEVEL_DEBUG, "Skipping promise execution due to global packaging locking.");
return PROMISE_RESULT_SKIPPED;
}
package_promise_lock =
AcquireLock(ctx, promise_lock, VUQNAME, CFSTARTTIME,
a->transaction.ifelapsed, a->transaction.expireafter, pp, false);
if (package_promise_lock.lock == NULL)
{
YieldGlobalPackagePromiseLock(global_lock);
Log(LOG_LEVEL_DEBUG, "Skipping promise execution due to promise-specific package locking.");
return PROMISE_RESULT_SKIPPED;
}
PackageModuleWrapper *package_module =
NewPackageModuleWrapper(a->new_packages.module_body);
if (package_module == NULL)
{
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a,
"Some error occurred while contacting package module for promise '%s'",
pp->promiser);
YieldCurrentLock(package_promise_lock);
YieldGlobalPackagePromiseLock(global_lock);
return PROMISE_RESULT_FAIL;
}
PromiseResult result = PROMISE_RESULT_FAIL;
switch (a->new_packages.package_policy)
{
case NEW_PACKAGE_ACTION_ABSENT:
result = HandleAbsentPromiseAction(ctx, pp, a, package_module);
switch (result)
{
case PROMISE_RESULT_FAIL:
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a,
"Error removing package '%s'", pp->promiser);
break;
case PROMISE_RESULT_CHANGE:
cfPS(ctx, LOG_LEVEL_INFO, PROMISE_RESULT_CHANGE, pp, a,
"Successfully removed package '%s'", pp->promiser);
break;
case PROMISE_RESULT_NOOP:
/* Properly logged in HandleAbsentPromiseAction() */
cfPS(ctx, LOG_LEVEL_NOTHING, PROMISE_RESULT_NOOP, pp, a, NULL);
break;
case PROMISE_RESULT_WARN:
/* Properly logged in HandleAbsentPromiseAction() */
cfPS(ctx, LOG_LEVEL_NOTHING, PROMISE_RESULT_WARN, pp, a, NULL);
break;
default:
ProgrammingError("Absent promise action evaluation returned"
" unsupported result: %d", result);
break;
}
break;
case NEW_PACKAGE_ACTION_PRESENT:
result = HandlePresentPromiseAction(ctx, pp, a, package_module);
switch (result)
{
case PROMISE_RESULT_FAIL:
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_FAIL, pp, a,
"Error installing package '%s'", pp->promiser);
break;
case PROMISE_RESULT_CHANGE:
cfPS(ctx, LOG_LEVEL_INFO, PROMISE_RESULT_CHANGE, pp, a,
"Successfully installed package '%s'", pp->promiser);
break;
case PROMISE_RESULT_NOOP:
cfPS(ctx, LOG_LEVEL_VERBOSE, PROMISE_RESULT_NOOP, pp, a,
"Package '%s' already installed", pp->promiser);
break;
case PROMISE_RESULT_WARN:
/* Properly logged in HandlePresentPromiseAction() */
cfPS(ctx, LOG_LEVEL_NOTHING, PROMISE_RESULT_WARN, pp, a, NULL);
break;
default:
ProgrammingError("Present promise action evaluation returned"
" unsupported result: %d", result);
break;
}
break;
case NEW_PACKAGE_ACTION_NONE:
default:
ProgrammingError("Unsupported package action: %d", a->new_packages.package_policy);
break;
}
DeletePackageModuleWrapper(package_module);
YieldCurrentLock(package_promise_lock);
YieldGlobalPackagePromiseLock(global_lock);
return result;
}
|
