2012-01-20 19:34:52 +00:00
|
|
|
{- git-annex ssh interface, with connection caching
|
|
|
|
-
|
|
|
|
- Copyright 2012 Joey Hess <joey@kitenet.net>
|
|
|
|
-
|
|
|
|
- Licensed under the GNU GPL version 3 or higher.
|
|
|
|
-}
|
|
|
|
|
2012-10-15 18:49:40 +00:00
|
|
|
{-# LANGUAGE CPP #-}
|
|
|
|
|
2012-01-20 19:34:52 +00:00
|
|
|
module Annex.Ssh (
|
|
|
|
sshParams,
|
|
|
|
sshCleanup,
|
|
|
|
) where
|
|
|
|
|
|
|
|
import qualified Data.Map as M
|
|
|
|
|
|
|
|
import Common.Annex
|
|
|
|
import Annex.LockPool
|
Clean up handling of git directory and git worktree.
Baked into the code was an assumption that a repository's git directory
could be determined by adding ".git" to its work tree (or nothing for bare
repos). That fails when core.worktree, or GIT_DIR and GIT_WORK_TREE are
used to separate the two.
This was attacked at the type level, by storing the gitdir and worktree
separately, so Nothing for the worktree means a bare repo.
A complication arose because we don't learn where a repository is bare
until its configuration is read. So another Location type handles
repositories that have not had their config read yet. I am not entirely
happy with this being a Location type, rather than representing them
entirely separate from the Git type. The new code is not worse than the
old, but better types could enforce more safety.
Added support for core.worktree. Overriding it with -c isn't supported
because it's not really clear what to do if a git repo's config is read, is
not bare, and is then overridden to bare. What is the right git directory
in this case? I will worry about this if/when someone has a use case for
overriding core.worktree with -c. (See Git.Config.updateLocation)
Also removed and renamed some functions like gitDir and workTree that
misused git's terminology.
One minor regression is known: git annex add in a bare repository does not
print a nice error message, but runs git ls-files in a way that fails
earlier with a less nice error message. This is because before --work-tree
was always passed to git commands, even in a bare repo, while now it's not.
2012-05-18 20:38:26 +00:00
|
|
|
import qualified Git.Config
|
2012-03-22 04:23:15 +00:00
|
|
|
import Config
|
2012-02-25 23:15:29 +00:00
|
|
|
import qualified Build.SysConfig as SysConfig
|
2012-04-21 20:59:49 +00:00
|
|
|
import Annex.Perms
|
2012-01-20 19:34:52 +00:00
|
|
|
|
|
|
|
{- Generates parameters to ssh to a given host (or user@host) on a given
|
|
|
|
- port, with connection caching. -}
|
2012-01-20 21:32:32 +00:00
|
|
|
sshParams :: (String, Maybe Integer) -> [CommandParam] -> Annex [CommandParam]
|
|
|
|
sshParams (host, port) opts = go =<< sshInfo (host, port)
|
2012-01-20 19:34:52 +00:00
|
|
|
where
|
2012-01-20 21:32:32 +00:00
|
|
|
go (Nothing, params) = ret params
|
2012-01-20 21:13:36 +00:00
|
|
|
go (Just socketfile, params) = do
|
|
|
|
cleanstale
|
|
|
|
liftIO $ createDirectoryIfMissing True $ parentDir socketfile
|
|
|
|
lockFile $ socket2lock socketfile
|
2012-01-20 21:32:32 +00:00
|
|
|
ret params
|
|
|
|
ret ps = return $ ps ++ opts ++ portParams port ++ [Param host]
|
2012-01-20 19:34:52 +00:00
|
|
|
-- If the lock pool is empty, this is the first ssh of this
|
|
|
|
-- run. There could be stale ssh connections hanging around
|
|
|
|
-- from a previous git-annex run that was interrupted.
|
2012-02-16 04:41:30 +00:00
|
|
|
cleanstale = whenM (not . any isLock . M.keys <$> getPool) $
|
2012-01-20 19:34:52 +00:00
|
|
|
sshCleanup
|
|
|
|
|
2012-01-20 21:13:36 +00:00
|
|
|
sshInfo :: (String, Maybe Integer) -> Annex (Maybe FilePath, [CommandParam])
|
2012-03-14 21:43:34 +00:00
|
|
|
sshInfo (host, port) = ifM caching
|
|
|
|
( do
|
|
|
|
dir <- fromRepo gitAnnexSshDir
|
|
|
|
let socketfile = dir </> hostport2socket host port
|
2012-09-13 23:26:39 +00:00
|
|
|
if valid_unix_socket_path socketfile
|
|
|
|
then return (Just socketfile, cacheParams socketfile)
|
|
|
|
else do
|
|
|
|
socketfile' <- liftIO $ relPathCwdToFile socketfile
|
|
|
|
if valid_unix_socket_path socketfile'
|
|
|
|
then return (Just socketfile', cacheParams socketfile')
|
|
|
|
else return (Nothing, [])
|
2012-03-14 21:43:34 +00:00
|
|
|
, return (Nothing, [])
|
|
|
|
)
|
|
|
|
where
|
2012-10-15 18:49:40 +00:00
|
|
|
#ifdef WITH_OLD_SSH
|
|
|
|
caching = return False
|
|
|
|
#else
|
2012-03-14 21:43:34 +00:00
|
|
|
caching = fromMaybe SysConfig.sshconnectioncaching
|
Clean up handling of git directory and git worktree.
Baked into the code was an assumption that a repository's git directory
could be determined by adding ".git" to its work tree (or nothing for bare
repos). That fails when core.worktree, or GIT_DIR and GIT_WORK_TREE are
used to separate the two.
This was attacked at the type level, by storing the gitdir and worktree
separately, so Nothing for the worktree means a bare repo.
A complication arose because we don't learn where a repository is bare
until its configuration is read. So another Location type handles
repositories that have not had their config read yet. I am not entirely
happy with this being a Location type, rather than representing them
entirely separate from the Git type. The new code is not worse than the
old, but better types could enforce more safety.
Added support for core.worktree. Overriding it with -c isn't supported
because it's not really clear what to do if a git repo's config is read, is
not bare, and is then overridden to bare. What is the right git directory
in this case? I will worry about this if/when someone has a use case for
overriding core.worktree with -c. (See Git.Config.updateLocation)
Also removed and renamed some functions like gitDir and workTree that
misused git's terminology.
One minor regression is known: git annex add in a bare repository does not
print a nice error message, but runs git ls-files in a way that fails
earlier with a less nice error message. This is because before --work-tree
was always passed to git commands, even in a bare repo, while now it's not.
2012-05-18 20:38:26 +00:00
|
|
|
. Git.Config.isTrue
|
2012-05-06 00:15:32 +00:00
|
|
|
<$> getConfig (annexConfig "sshcaching") ""
|
2012-10-15 18:49:40 +00:00
|
|
|
#endif
|
2012-01-20 19:34:52 +00:00
|
|
|
|
|
|
|
cacheParams :: FilePath -> [CommandParam]
|
|
|
|
cacheParams socketfile =
|
|
|
|
[ Param "-S", Param socketfile
|
|
|
|
, Params "-o ControlMaster=auto -o ControlPersist=yes"
|
|
|
|
]
|
|
|
|
|
|
|
|
portParams :: Maybe Integer -> [CommandParam]
|
|
|
|
portParams Nothing = []
|
|
|
|
portParams (Just port) = [Param "-p", Param $ show port]
|
|
|
|
|
|
|
|
{- Stop any unused ssh processes. -}
|
|
|
|
sshCleanup :: Annex ()
|
|
|
|
sshCleanup = do
|
2012-02-16 04:41:30 +00:00
|
|
|
dir <- fromRepo gitAnnexSshDir
|
2012-03-06 17:56:20 +00:00
|
|
|
sockets <- filter (not . isLock) <$>
|
2012-09-17 04:18:07 +00:00
|
|
|
liftIO (catchDefaultIO [] $ dirContents dir)
|
2012-01-20 19:34:52 +00:00
|
|
|
forM_ sockets cleanup
|
|
|
|
where
|
|
|
|
cleanup socketfile = do
|
|
|
|
-- Drop any shared lock we have, and take an
|
|
|
|
-- exclusive lock, without blocking. If the lock
|
|
|
|
-- succeeds, nothing is using this ssh, and it can
|
|
|
|
-- be stopped.
|
|
|
|
let lockfile = socket2lock socketfile
|
|
|
|
unlockFile lockfile
|
2012-04-21 20:59:49 +00:00
|
|
|
mode <- annexFileMode
|
|
|
|
fd <- liftIO $ noUmask mode $
|
|
|
|
openFd lockfile ReadWrite (Just mode) defaultFileFlags
|
2012-02-03 20:47:24 +00:00
|
|
|
v <- liftIO $ tryIO $
|
|
|
|
setLock fd (WriteLock, AbsoluteSeek, 0, 0)
|
2012-01-20 19:34:52 +00:00
|
|
|
case v of
|
2012-04-22 03:32:33 +00:00
|
|
|
Left _ -> noop
|
2012-01-20 19:34:52 +00:00
|
|
|
Right _ -> stopssh socketfile
|
|
|
|
liftIO $ closeFd fd
|
|
|
|
stopssh socketfile = do
|
2012-02-10 01:49:46 +00:00
|
|
|
let (host, port) = socket2hostport socketfile
|
|
|
|
(_, params) <- sshInfo (host, port)
|
2012-04-22 03:04:59 +00:00
|
|
|
void $ liftIO $ do
|
2012-01-20 19:34:52 +00:00
|
|
|
-- "ssh -O stop" is noisy on stderr even with -q
|
|
|
|
let cmd = unwords $ toCommand $
|
|
|
|
[ Params "-O stop"
|
2012-02-10 01:49:46 +00:00
|
|
|
] ++ params ++ [Param host]
|
2012-04-22 03:04:59 +00:00
|
|
|
boolSystem "sh"
|
2012-01-20 19:34:52 +00:00
|
|
|
[ Param "-c"
|
|
|
|
, Param $ "ssh " ++ cmd ++ " >/dev/null 2>/dev/null"
|
|
|
|
]
|
2012-04-22 03:04:59 +00:00
|
|
|
-- Cannot remove the lock file; other processes may
|
|
|
|
-- be waiting on our exclusive lock to use it.
|
2012-01-20 19:34:52 +00:00
|
|
|
|
|
|
|
hostport2socket :: String -> Maybe Integer -> FilePath
|
|
|
|
hostport2socket host Nothing = host
|
|
|
|
hostport2socket host (Just port) = host ++ "!" ++ show port
|
|
|
|
|
|
|
|
socket2hostport :: FilePath -> (String, Maybe Integer)
|
|
|
|
socket2hostport socket
|
|
|
|
| null p = (h, Nothing)
|
2012-01-23 21:00:10 +00:00
|
|
|
| otherwise = (h, readish p)
|
2012-01-20 19:34:52 +00:00
|
|
|
where
|
|
|
|
(h, p) = separate (== '!') $ takeFileName socket
|
|
|
|
|
|
|
|
socket2lock :: FilePath -> FilePath
|
|
|
|
socket2lock socket = socket ++ lockExt
|
|
|
|
|
|
|
|
isLock :: FilePath -> Bool
|
|
|
|
isLock f = lockExt `isSuffixOf` f
|
|
|
|
|
|
|
|
lockExt :: String
|
|
|
|
lockExt = ".lock"
|
2012-09-13 23:26:39 +00:00
|
|
|
|
|
|
|
{- This is the size of the sun_path component of sockaddr_un, which
|
|
|
|
- is the limit to the total length of the filename of a unix socket.
|
|
|
|
-
|
|
|
|
- On Linux, this is 108. On OSX, 104. TODO: Probe
|
|
|
|
-}
|
|
|
|
sizeof_sockaddr_un_sun_path :: Int
|
|
|
|
sizeof_sockaddr_un_sun_path = 100
|
|
|
|
|
|
|
|
{- Note that this looks at the true length of the path in bytes, as it will
|
|
|
|
- appear on disk. -}
|
|
|
|
valid_unix_socket_path :: FilePath -> Bool
|
|
|
|
valid_unix_socket_path f = length (decodeW8 f) < sizeof_sockaddr_un_sun_path
|