Skip to content

Commit 9268f07

Browse files
cgwalterscgwalters
committed
deploy: Fix possible truncated write
Pointed out by clippy. Also switch to doing atomic writes. Signed-off-by: Colin Walters <walters@verbum.org>
1 parent e415110 commit 9268f07

1 file changed

Lines changed: 16 additions & 15 deletions

File tree

crates/lib/src/deploy.rs

Lines changed: 16 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -745,35 +745,36 @@ pub(crate) async fn stage(
745745
#[context("Rolling back UKI")]
746746
pub(crate) fn rollback_composefs_uki(current: &BootEntry, rollback: &BootEntry) -> Result<()> {
747747
let user_cfg_name = "grub2/user.cfg.staged";
748-
let user_cfg_path = PathBuf::from("/sysroot/boot").join(user_cfg_name);
748+
let user_cfg_path = PathBuf::from("boot").join(user_cfg_name);
749+
let sysroot = &Dir::open_ambient_dir("/sysroot", cap_std::ambient_authority())?;
749750

750751
let efi_uuid_source = get_efi_uuid_source();
751752

752-
// TODO: Need to check if user.cfg.staged exists
753-
let mut usr_cfg = std::fs::OpenOptions::new()
754-
.write(true)
755-
.create(true)
756-
.truncate(true)
757-
.open(user_cfg_path)
758-
.with_context(|| format!("Opening {user_cfg_name}"))?;
759-
760-
usr_cfg.write(efi_uuid_source.as_bytes())?;
761-
762-
let verity = if let Some(composefs) = &rollback.composefs {
753+
let rollback_verity = if let Some(composefs) = &rollback.composefs {
763754
composefs.verity.clone()
764755
} else {
765756
// Shouldn't really happen
766757
anyhow::bail!("Verity not found for rollback deployment")
767758
};
768-
usr_cfg.write(get_user_config(todo!(), &verity).as_bytes())?;
759+
let rollback_config = get_user_config(todo!(), &rollback_verity).as_bytes();
769760

770-
let verity = if let Some(composefs) = &current.composefs {
761+
let current_verity = if let Some(composefs) = &current.composefs {
771762
composefs.verity.clone()
772763
} else {
773764
// Shouldn't really happen
774765
anyhow::bail!("Verity not found for booted deployment")
775766
};
776-
usr_cfg.write(get_user_config(todo!(), &verity).as_bytes())?;
767+
let current_config = get_user_config(todo!(), &current_verity).as_bytes();
768+
769+
// TODO: Need to check if user.cfg.staged exists
770+
sysroot
771+
.atomic_replace_with(user_cfg_path, |w| {
772+
write!(w, "{efi_uuid_source}")?;
773+
w.write_all(rollback_config)?;
774+
w.write_all(current_config)?;
775+
Ok(())
776+
})
777+
.with_context(|| format!("Writing {user_cfg_name}"))?;
777778

778779
Ok(())
779780
}

0 commit comments

Comments
 (0)