install: Split internal main phase into two

Split up: - Initialize empty sysroot - Install container to sysroot This makes it easier to do more things that still reference the sysroot. (The git diff for this change is...really nice IMO, very straightforward) Signed-off-by: Colin Walters <[email protected]>
containers · Jul 18, 2024 · 53550fc · 53550fc
1 parent d91c00a
commit 53550fc
Showing 1 changed file with 20 additions and 11 deletions.
diff --git a/lib/src/install.rs b/lib/src/install.rs
@@ -542,15 +542,9 @@ pub(crate) fn print_configuration() -> Result<()> {
 }
 
 #[context("Creating ostree deployment")]
-async fn initialize_ostree_root_from_self(
-    state: &State,
-    root_setup: &RootSetup,
-) -> Result<InstallAleph> {
+async fn initialize_ostree_root(state: &State, root_setup: &RootSetup) -> Result<ostree::Sysroot> {
     let sepolicy = state.load_policy()?;
     let sepolicy = sepolicy.as_ref();
-
-    let container_rootfs = &Dir::open_ambient_dir("/", cap_std::ambient_authority())?;
-
     // Load a fd for the mounted target physical root
     let rootfs_dir = &root_setup.rootfs_fd;
     let rootfs = root_setup.rootfs.as_path();
@@ -607,6 +601,20 @@ async fn initialize_ostree_root_from_self(
 
     let sysroot = ostree::Sysroot::new(Some(&gio::File::for_path(rootfs)));
     sysroot.load(cancellable)?;
+    Ok(sysroot)
+}
+
+#[context("Creating ostree deployment")]
+async fn install_container(
+    state: &State,
+    root_setup: &RootSetup,
+    sysroot: &ostree::Sysroot,
+) -> Result<InstallAleph> {
+    let sepolicy = state.load_policy()?;
+    let sepolicy = sepolicy.as_ref();
+    let stateroot = STATEROOT_DEFAULT;
+
+    let container_rootfs = &Dir::open_ambient_dir("/", cap_std::ambient_authority())?;
 
     let (src_imageref, proxy_cfg) = if !state.source.in_host_mountns {
         (state.source.imageref.clone(), None)
@@ -692,15 +700,15 @@ async fn initialize_ostree_root_from_self(
     )
     .await?;
 
-    sysroot.load(cancellable)?;
     let deployment = sysroot
         .deployments()
         .into_iter()
         .next()
         .ok_or_else(|| anyhow::anyhow!("Failed to find deployment"))?;
     // SAFETY: There must be a path
     let path = sysroot.deployment_dirpath(&deployment);
-    let root = rootfs_dir
+    let root = root_setup
+        .rootfs_fd
         .open_dir(path.as_str())
         .context("Opening deployment dir")?;
 
@@ -713,7 +721,7 @@ async fn initialize_ostree_root_from_self(
         for d in ["ostree", "boot"] {
             let mut pathbuf = Utf8PathBuf::from(d);
             crate::lsm::ensure_dir_labeled_recurse(
-                rootfs_dir,
+                &root_setup.rootfs_fd,
                 &mut pathbuf,
                 policy,
                 Some(deployment_root_devino),
@@ -1228,8 +1236,9 @@ async fn install_to_filesystem_impl(state: &State, rootfs: &mut RootSetup) -> Re
     tracing::debug!("boot uuid={boot_uuid}");
 
     // Write the aleph data that captures the system state at the time of provisioning for aid in future debugging.
+    let sysroot = initialize_ostree_root(state, rootfs).await?;
     {
-        let aleph = initialize_ostree_root_from_self(state, rootfs).await?;
+        let aleph = install_container(state, rootfs, &sysroot).await?;
         rootfs
             .rootfs_fd
             .atomic_replace_with(BOOTC_ALEPH_PATH, |f| {