func (b *Backend) Setup(snapInfo *snap.Info, confinement interfaces.ConfinementOptions, repo *interfaces.Repository) error {
snapName := snapInfo.Name()
rawSnippets, err := repo.SecuritySnippetsForSnap(snapInfo.Name(), interfaces.SecuritySystemd)
if err != nil {
return fmt.Errorf("cannot obtain systemd security snippets for snap %q: %s", snapName, err)
}
snippets, err := unmarshalRawSnippetMap(rawSnippets)
if err != nil {
return fmt.Errorf("cannot unmarshal systemd snippets for snap %q: %s", snapName, err)
}
snippet, err := mergeSnippetMap(snippets)
if err != nil {
return fmt.Errorf("cannot merge systemd snippets for snap %q: %s", snapName, err)
}
content, err := renderSnippet(snippet)
if err != nil {
return fmt.Errorf("cannot render systemd snippets for snap %q: %s", snapName, err)
}
dir := dirs.SnapServicesDir
if err := os.MkdirAll(dir, 0755); err != nil {
return fmt.Errorf("cannot create directory for systemd services %q: %s", dir, err)
}
glob := interfaces.InterfaceServiceName(snapName, "*")
systemd := sysd.New(dirs.GlobalRootDir, &dummyReporter{})
// We need to be carefully here and stop all removed service units before
// we remove their files as otherwise systemd is not able to disable/stop
// them anymore.
if err := disableRemovedServices(systemd, dir, glob, content); err != nil {
logger.Noticef("cannot stop removed services: %s", err)
}
changed, removed, errEnsure := osutil.EnsureDirState(dir, glob, content)
// Reload systemd whenever something is added or removed
if len(changed) > 0 || len(removed) > 0 {
err := systemd.DaemonReload()
if err != nil {
logger.Noticef("cannot reload systemd state: %s", err)
}
}
// Ensure the service is running right now and on reboots
for _, service := range changed {
if err := systemd.Enable(service); err != nil {
logger.Noticef("cannot enable service %q: %s", service, err)
}
// If we have a new service here which isn't started yet the restart
// operation will start it.
if err := systemd.Restart(service, 10*time.Second); err != nil {
logger.Noticef("cannot restart service %q: %s", service, err)
}
}
return errEnsure
}
func (b *Backend) Setup(snapInfo *snap.Info, devMode bool, repo *interfaces.Repository) error {
snapName := snapInfo.Name()
rawSnippets, err := repo.SecuritySnippetsForSnap(snapInfo.Name(), interfaces.SecuritySystemd)
if err != nil {
return fmt.Errorf("cannot obtain systemd security snippets for snap %q: %s", snapName, err)
}
snippets, err := unmarshalRawSnippetMap(rawSnippets)
if err != nil {
return fmt.Errorf("cannot unmarshal systemd snippets for snap %q: %s", snapName, err)
}
snippet, err := mergeSnippetMap(snippets)
if err != nil {
return fmt.Errorf("cannot merge systemd snippets for snap %q: %s", snapName, err)
}
content, err := renderSnippet(snippet)
if err != nil {
return fmt.Errorf("cannot render systemd snippets for snap %q: %s", snapName, err)
}
dir := dirs.SnapServicesDir
if err := os.MkdirAll(dir, 0755); err != nil {
return fmt.Errorf("cannot create directory for systemd services %q: %s", dir, err)
}
glob := interfaces.InterfaceServiceName(snapName, "*")
changed, removed, errEnsure := osutil.EnsureDirState(dir, glob, content)
systemd := sysd.New(dirs.GlobalRootDir, &dummyReporter{})
// Reload systemd whenever something is added or removed
if len(changed) > 0 || len(removed) > 0 {
err := systemd.DaemonReload()
if err != nil {
logger.Noticef("cannot reload systemd state: %s", err)
}
}
// Start any new services
for _, service := range changed {
err := systemd.Start(service)
if err != nil {
logger.Noticef("cannot start service %q: %s", service, err)
}
}
// Stop any removed services
for _, service := range removed {
err := systemd.Stop(service, 10*time.Second)
if err != nil {
logger.Noticef("cannot stop service %q: %s", service, err)
}
}
return errEnsure
}
func (b *Backend) Remove(snapName string) error {
systemd := sysd.New(dirs.GlobalRootDir, &dummyReporter{})
// Remove all the files matching snap glob
glob := interfaces.InterfaceServiceName(snapName, "*")
_, removed, errEnsure := osutil.EnsureDirState(dirs.SnapServicesDir, glob, nil)
for _, service := range removed {
if err := systemd.DisableNow(service); err != nil {
logger.Noticef("cannot disable service %q: %s", service, err)
}
}
// Reload systemd whenever something is removed
if len(removed) > 0 {
err := systemd.DaemonReload()
if err != nil {
logger.Noticef("cannot reload systemd state: %s", err)
}
}
return errEnsure
}
func (iface *GpioInterface) ConnectedSlotRichSnippet(plug *interfaces.Plug, slot *interfaces.Slot, securitySystem interfaces.SecuritySystem) (*systemd.Snippet, error) {
switch securitySystem {
case interfaces.SecuritySystemd:
gpioNum, ok := slot.Attrs["number"].(int64)
if !ok {
return nil, fmt.Errorf("gpio slot has invalid number attribute: %q", slot.Attrs["number"])
}
serviceName := interfaces.InterfaceServiceName(slot.Snap.Name(), fmt.Sprintf("gpio-%d", gpioNum))
snippet := &systemd.Snippet{
Services: map[string]systemd.Service{
serviceName: {
Type: "oneshot",
RemainAfterExit: true,
ExecStart: fmt.Sprintf("/bin/sh -c 'test -e /sys/class/gpio/gpio%d || echo %d > /sys/class/gpio/export'", gpioNum, gpioNum),
ExecStop: fmt.Sprintf("/bin/sh -c 'test ! -e /sys/class/gpio/gpio%d || echo %d > /sys/class/gpio/unexport'", gpioNum, gpioNum),
},
},
}
return snippet, nil
}
return nil, nil
}