From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [PATCH proxmox-ve v2 2/2] apt-hook: add check preventing the removal of pinned kernels
Date: Wed, 9 Feb 2022 18:22:39 +0100 [thread overview]
Message-ID: <20220209182239.27376cc6@rosa.proxmox.com> (raw)
In-Reply-To: <20220204184538.3139247-7-s.ivanov@proxmox.com>
while talking off-list about this I realized that I forgot to mention that
file_read_firstline is copied from PVE::Tools.
The rationale was that we might end up in a situation where pve-common
might not be available and the hook might still be called.
Also we might eventually have this hook in some of our other products,
which do not depend on pve-common (PBS for now).
if the series is accepted as-is - feel free to update the commit message.
else - I'll include it in the v3
sorry for the noise
On Fri, 4 Feb 2022 19:45:38 +0100
Stoiko Ivanov <s.ivanov@proxmox.com> wrote:
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
> debian/apthook/pve-apt-hook | 28 ++++++++++++++++++++++++++++
> 1 file changed, 28 insertions(+)
>
> diff --git a/debian/apthook/pve-apt-hook b/debian/apthook/pve-apt-hook
> index 50e50d1..6de56c4 100755
> --- a/debian/apthook/pve-apt-hook
> +++ b/debian/apthook/pve-apt-hook
> @@ -34,6 +34,17 @@ my $cleanup = sub {
> exit $rc;
> };
>
> +my $file_read_firstline = sub {
> + my ($filename) = @_;
> +
> + my $fh = IO::File->new($filename, "r");
> + return undef if !$fh;
> + my $res = <$fh>;
> + chomp $res if $res;
> + $fh->close;
> + return $res;
> +};
> +
> chomp (my $ver = <$fh>);
> if ($ver ne "VERSION 2") {
> $log->("apt-pve-hook misconfigured, expecting hook protocol version 2\n");
> @@ -84,6 +95,23 @@ while (my $line = <$fh>) {
> $cleanup->(0, 1);
> }
> }
> + if ($pkg =~ /^pve-kernel-/) {
> + if ($action eq '**REMOVE**') {
> + my $next_boot_ver = $file_read_firstline->("/etc/kernel/next-boot-pin");
> + my $pinned_ver = $file_read_firstline->("/etc/kernel/proxmox-boot-pin");
> + my $remove_pinned_ver = ($next_boot_ver && $pkg =~ /$next_boot_ver/);
> + $remove_pinned_ver ||= ($pinned_ver && $pkg =~ /$pinned_ver/);
> + if ($remove_pinned_ver) {
> + $log->("!! WARNING !!\n");
> + $log->("You are attempting to remove the currently pinned kernel '${pkg}'!\n");
> + $log->("\n");
> + $log->("If you really do not need the version anymore unpin it by running\n");
> + $log->("\tproxmox-boot-tool kernel unpin'\n");
> + $log->("and repeat your apt invocation.\n");
> + $cleanup->(1);
> + }
> + }
> + }
> }
>
> $cleanup->(0);
next prev parent reply other threads:[~2022-02-09 17:23 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-04 18:45 [pve-devel] [PATCH pve-kernel-meta/proxmox-ve v2] proxmox-boot: add kernel pinning functionality (#3761) Stoiko Ivanov
2022-02-04 18:45 ` [pve-devel] [PATCH pve-kernel-meta v2 1/4] proxmox-boot: return empty if file does not exist in get_first_line Stoiko Ivanov
2022-02-04 18:45 ` [pve-devel] [PATCH pve-kernel-meta v2 2/4] proxmox-boot: fix #3671 add pin/unpin for kernel-version Stoiko Ivanov
[not found] ` <<20220204184538.3139247-3-s.ivanov@proxmox.com>
2022-02-10 10:58 ` Fabian Grünbichler
2022-02-04 18:45 ` [pve-devel] [PATCH pve-kernel-meta v2 3/4] proxmox-boot: add kernel next-boot command Stoiko Ivanov
[not found] ` <<20220204184538.3139247-4-s.ivanov@proxmox.com>
2022-02-10 10:58 ` Fabian Grünbichler
2022-02-04 18:45 ` [pve-devel] [PATCH pve-kernel-meta v2 4/4] proxmox-boot: add pin/unpin functionality for non-p-b-t systems Stoiko Ivanov
2022-02-04 18:45 ` [pve-devel] [PATCH proxmox-ve v2 1/2] apt-hook: fix perlcritic warnings Stoiko Ivanov
2022-02-04 18:45 ` [pve-devel] [PATCH proxmox-ve v2 2/2] apt-hook: add check preventing the removal of pinned kernels Stoiko Ivanov
2022-02-09 17:22 ` Stoiko Ivanov [this message]
[not found] ` <<20220204184538.3139247-1-s.ivanov@proxmox.com>
2022-02-10 10:57 ` [pve-devel] [PATCH pve-kernel-meta/proxmox-ve v2] proxmox-boot: add kernel pinning functionality (#3761) Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220209182239.27376cc6@rosa.proxmox.com \
--to=s.ivanov@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox