diff --git a/gnu/build/file-systems.scm b/gnu/build/file-systems.scm index d95340df83..b06a4cc25c 100644 --- a/gnu/build/file-systems.scm +++ b/gnu/build/file-systems.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2020, 2021 Ludovic Courtès +;;; Copyright © 2014-2018, 2020-2022 Ludovic Courtès ;;; Copyright © 2016, 2017 David Craven ;;; Copyright © 2017 Mathieu Othacehe ;;; Copyright © 2019 Guillaume Le Vaillant @@ -54,6 +54,7 @@ (define-module (gnu build file-systems) bind-mount + system*/tty mount-flags->bit-mask check-file-system mount-file-system @@ -67,6 +68,33 @@ (define-module (gnu build file-systems) ;;; ;;; Code: +(define (system*/console program . args) + "Run PROGRAM with ARGS in a tty on top of /dev/console. The return value is +as for 'system*'." + (match (primitive-fork) + (0 + (dynamic-wind + (const #t) + (lambda () + (login-tty (open-fdes "/dev/console" O_RDWR)) + (apply execlp program program args)) + (lambda () + (primitive-_exit 127)))) + (pid + (cdr (waitpid pid))))) + +(define (system*/tty program . args) + "Run PROGRAM with ARGS, creating a tty if its standard input isn't one. +The return value is as for 'system*'. + +This is necessary for commands such as 'cryptsetup open' or 'fsck' that may +need to interact with the user but might be invoked from shepherd, where +standard input is /dev/null." + (apply (if (isatty? (current-input-port)) + system* + system*/console) + program args)) + (define (bind-mount source target) "Bind-mount SOURCE at TARGET." (mount source target "" MS_BIND)) @@ -180,13 +208,13 @@ (define (check-ext2-file-system device force? repair) do not write to the file system to fix errors. If it's #t, fix all errors. Otherwise, fix only those considered safe to repair automatically." (match (status:exit-val - (apply system* `("e2fsck" "-v" "-C" "0" - ,@(if force? '("-f") '()) - ,@(match repair - (#f '("-n")) - (#t '("-y")) - (_ '("-p"))) - ,device))) + (apply system*/tty "e2fsck" "-v" "-C" "0" + `(,@(if force? '("-f") '()) + ,@(match repair + (#f '("-n")) + (#t '("-y")) + (_ '("-p"))) + ,device))) (0 'pass) (1 'errors-corrected) (2 'reboot-required) @@ -312,14 +340,14 @@ (define (check-bcachefs-file-system device force? repair) (status ;; A number, or #f on abnormal termination (e.g., assertion failure). (status:exit-val - (apply system* `("bcachefs" "fsck" "-v" - ,@(if force? '("-f") '()) - ,@(match repair - (#f '("-n")) - (#t '("-y")) - (_ '("-p"))) - ;; Make each multi-device member a separate argument. - ,@(string-split device #\:)))))) + (apply system*/tty "bcachefs" "fsck" "-v" + `(,@(if force? '("-f") '()) + ,@(match repair + (#f '("-n")) + (#t '("-y")) + (_ '("-p"))) + ;; Make each multi-device member a separate argument. + ,@(string-split device #\:)))))) (match (and=> status (cut logand <> (lognot ignored-bits))) (0 'pass) (1 'errors-corrected) @@ -364,17 +392,17 @@ (define (check-btrfs-file-system device force? repair) fix only those considered safe to repair automatically." (if force? (match (status:exit-val - (apply system* `("btrfs" "check" "--progress" - ;; Btrfs's ‘--force’ is not relevant to us here. - ,@(match repair - ;; Upstream considers ALL repairs dangerous - ;; and will warn the user at run time. - (#t '("--repair")) - (_ '("--readonly" ; a no-op for clarity - ;; A 466G file system with 180G used is - ;; enough to kill btrfs with 6G of RAM. - "--mode" "lowmem"))) - ,device))) + (apply system*/tty "btrfs" "check" "--progress" + ;; Btrfs's ‘--force’ is not relevant to us here. + `(,@(match repair + ;; Upstream considers ALL repairs dangerous + ;; and will warn the user at run time. + (#t '("--repair")) + (_ '("--readonly" ; a no-op for clarity + ;; A 466G file system with 180G used is + ;; enough to kill btrfs with 6G of RAM. + "--mode" "lowmem"))) + ,device))) (0 'pass) (_ 'fatal-error)) 'pass)) @@ -412,11 +440,11 @@ (define (check-fat-file-system device force? repair) not write to the file system to fix errors. Otherwise, automatically fix them using the least destructive approach." (match (status:exit-val - (apply system* `("fsck.vfat" "-v" - ,@(match repair - (#f '("-n")) - (_ '("-a"))) ; no 'safe/#t distinction - ,device))) + (system*/tty "fsck.vfat" "-v" + (match repair + (#f "-n") + (_ "-a")) ;no 'safe/#t distinction + device)) (0 'pass) (1 'errors-corrected) (_ 'fatal-error))) @@ -545,7 +573,7 @@ (define (check-jfs-file-system device force? repair) only if FORCE? is true. Otherwise, replay the transaction log before checking and automatically fix found errors." (match (status:exit-val - (apply system* + (apply system*/tty `("jfs_fsck" "-v" ;; The ‘LEVEL’ logic is convoluted. To quote fsck/xchkdsk.c ;; (‘-p’, ‘-a’, and ‘-r’ are aliases in every way): @@ -621,10 +649,10 @@ (define (check-f2fs-file-system device force? repair) "warning: forced check of F2FS ~a implies repairing any errors~%" device)) (match (status:exit-val - (apply system* `("fsck.f2fs" - ,@(if force? '("-f") '()) - ,@(if repair '("-p") '("--dry-run")) - ,device))) + (apply system*/tty "fsck.f2fs" + `(,@(if force? '("-f") '()) + ,@(if repair '("-p") '("--dry-run")) + ,device))) ;; 0 and -1 are the only two possibilities according to the man page. (0 'pass) (_ 'fatal-error))) @@ -709,9 +737,9 @@ (define (check-ntfs-file-system device force? repair) true and the volume has been repaired by an external tool, clear the volume dirty flag to indicate that it's now safe to mount." (match (status:exit-val - (apply system* `("ntfsfix" - ,@(if repair '("--clear-dirty") '("--no-action")) - ,device))) + (system*/tty "ntfsfix" + (if repair "--clear-dirty" "--no-action") + device)) (0 'pass) (_ 'fatal-error))) @@ -754,11 +782,11 @@ (define (check-xfs-file-system device force? repair) Otherwise, only replay the log, and check without attempting further repairs." (define (xfs_repair) (status:exit-val - (apply system* `("xfs_repair" "-Pv" - ,@(match repair - (#t '("-e")) - (_ '("-n"))) ; will miss some errors - ,device)))) + (system*/tty "xfs_repair" "-Pv" + (match repair + (#t "-e") + (_ "-n")) ;will miss some errors + device))) (if force? ;; xfs_repair fails with exit status 2 if the log is dirty, which is ;; likely in situations where you're running xfs_repair. Only the kernel diff --git a/gnu/system/mapped-devices.scm b/gnu/system/mapped-devices.scm index 96a381d5fe..e6b8970c12 100644 --- a/gnu/system/mapped-devices.scm +++ b/gnu/system/mapped-devices.scm @@ -1,5 +1,5 @@ ;;; GNU Guix --- Functional package management for GNU -;;; Copyright © 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès +;;; Copyright © 2014-2022 Ludovic Courtès ;;; Copyright © 2016 Andreas Enge ;;; Copyright © 2017, 2018 Mark H Weaver ;;; @@ -202,7 +202,8 @@ (define (open-luks-device source targets) ;; XXX: 'use-modules' should be at the top level. (use-modules (rnrs bytevectors) ;bytevector? ((gnu build file-systems) - #:select (find-partition-by-luks-uuid)) + #:select (find-partition-by-luks-uuid + system*/tty)) ((guix build utils) #:select (mkdir-p))) ;; Create '/run/cryptsetup/' if it does not exist, as device locking @@ -211,28 +212,32 @@ (define (open-luks-device source targets) ;; Use 'cryptsetup-static', not 'cryptsetup', to avoid pulling the ;; whole world inside the initrd (for when we're in an initrd). - (zero? (system* #$(file-append cryptsetup-static "/sbin/cryptsetup") - "open" "--type" "luks" + ;; 'cryptsetup open' requires standard input to be a tty to allow + ;; for interaction but shepherd sets standard input to /dev/null; + ;; thus, explicitly request a tty. + (zero? (system*/tty + #$(file-append cryptsetup-static "/sbin/cryptsetup") + "open" "--type" "luks" - ;; Note: We cannot use the "UUID=source" syntax here - ;; because 'cryptsetup' implements it by searching the - ;; udev-populated /dev/disk/by-id directory but udev may - ;; be unavailable at the time we run this. - (if (bytevector? source) - (or (let loop ((tries-left 10)) - (and (positive? tries-left) - (or (find-partition-by-luks-uuid source) - ;; If the underlying partition is - ;; not found, try again after - ;; waiting a second, up to ten - ;; times. FIXME: This should be - ;; dealt with in a more robust way. - (begin (sleep 1) - (loop (- tries-left 1)))))) - (error "LUKS partition not found" source)) - source) + ;; Note: We cannot use the "UUID=source" syntax here + ;; because 'cryptsetup' implements it by searching the + ;; udev-populated /dev/disk/by-id directory but udev may + ;; be unavailable at the time we run this. + (if (bytevector? source) + (or (let loop ((tries-left 10)) + (and (positive? tries-left) + (or (find-partition-by-luks-uuid source) + ;; If the underlying partition is + ;; not found, try again after + ;; waiting a second, up to ten + ;; times. FIXME: This should be + ;; dealt with in a more robust way. + (begin (sleep 1) + (loop (- tries-left 1)))))) + (error "LUKS partition not found" source)) + source) - #$target))))))) + #$target))))))) (define (close-luks-device source targets) "Return a gexp that closes TARGET, a LUKS device."