This fixes a problem where you drop to a shell and refresh subiquity
from that shell -- the client tries to restart but it is running in the
background and so crashes trying to modify the terminal settings. So
this kills the subprocess before restarting. This required the extremely
angry PR I sent before: forcefully killing the subprocess also crashes
the client before restart in a similar way.
Here is something you can try with a live server installer today: drop
into a subshell and type "kill -9 $$". The installer will crash with an
'Input/output error' from tcsetattr.
What's going on is some deep unix arcana: when the subshell exits via
signal somehow the shell's process group is still in the foreground
(even though there are no processes in it?) and calling tcsetattr() from
a background process is not allowed. So the fix for this is reasonably
simple (or at least: short): call tcsetpgrp() to put our process group
back into the foreground. A background process doing this gets sent
SIGTTOU, but if we ignore that, all is well.
Frankly this is all very strange and I would like a lie down now.
* Add element updates (non-UI)
This can be controlled with autoinstall
updates: security or all
Also an API for controlling this:
curl --silent --unix-socket .subiquity/socket a/updates ->
"security"
curl -d '"all"' --unix-socket .subiquity/socket a/updates
* Automated tests - log grep for default/none/all states
* Enforce possible values on Updates controller
Route all the various get/set thru 2 common functions.
Validate incoming data.
Splitting subiquity into server and client means that in general
old versions of the client can still be running when the server is
updated (the client running on tty1 will be restarted by snapd/systemd
when the snap is updated but clients running via e.g. ssh will not). I
implemented a way for the client to detect this and restart itself: the
server sets a header in all responses that indicates if it has been
updated. So far so good. But the way it knows that it has been updated
is to check the presence of a file that is only created when subiquity
itself triggers the refresh, so it's not there in the case of manual
refresh, and as reported in https://bugs.launchpad.net/bugs/1921820 this
can lead to the client crashing because it cannot parse the new server's
response. This simply changes to creating the marker file in the snap
post-refresh hook, which will be executed for manual snap refreshes as
well.
While I'm at it, remove the rest of the post-install hook that restarted
subiquity clients running on the serial line as the generic machinery
will work for these too.
I checked the lszdev source and for all the other fields that we are
assume are boolean, it can only output "yes" or "no". Today, at least --
not sure how to make sure this is not broken by future changes. Still
this is a help.
for https://bugs.launchpad.net/subiquity/+bug/1919420
The NAME_REGEX currently used is "[a-z_][a-z0-9_-]*" which does correctly prevent hostnames starting with a hyphen.. but also prevents otherwise perfectly valid hostnames that start with a number. (Interestingly, an underscore is not defined as a valid hostname character, but is included as valid in the regex, I'm not sure why this is included but am leaving it in for backwards compatibility)
This patch adds 0-9 as valid characters at the start of a hostname, as per https://man7.org/linux/man-pages/man7/hostname.7.html#:~:text=Valid%20characters%20for%20hostnames%20are,to%20an%20address%20for%20use.
Each element of the hostname must be from 1 to 63 characters long
and the entire hostname, including the dots, can be at most 253
characters long. Valid characters for hostnames are ASCII(7)
letters from a to z, the digits from 0 to 9, and the hyphen (-).
A hostname may not start with a hyphen.
subiquity inherits this behavior from d-i where if a the user selects a
layout that does not allow typing latin characters, the user is prompted
to choose a key to toggle between the one they selected and a related
one that does allow latin characters. This change moves the handling of
this to the server side, so the client just sees the keyboard layout the
user selects, and calls an API method to know if to ask the user about a
toggle key.
Continuing the theme of previous work, this branch parses pc105.tree
into API-friendly attr-based classes at snap build time (which also lets
us check some constraints then and not at run time).
This is a bit sideways from the real thing I'm working on which is
moving most of the logic of keyboard handling to the server side but
anyway. This also lets me check some assumptions while processing the
data rather than in the view code.
Michael Hudson-Doyle