daemon: split owner daemon from root helper
Move the supported systemd path to two services: an owner-user bangerd for orchestration and a narrow root helper for bridge/tap, NAT/resolver, dm/loop, and Firecracker ownership. This removes repeated sudo from daily vm and image flows without leaving the general daemon running as root. Add install metadata, system install/status/restart/uninstall commands, and a system-owned runtime layout. Keep user SSH/config material in the owner home, lock file_sync to the owner home, and move daemon known_hosts handling out of the old root-owned control path. Route privileged lifecycle steps through typed privilegedOps calls, harden the two systemd units, and rewrite smoke plus docs around the supported service model. Verified with make build, make test, make lint, and make smoke on the supported systemd host path.
This commit is contained in:
parent
3edd7c6de7
commit
59e48e830b
53 changed files with 3239 additions and 726 deletions
46
Makefile
46
Makefile
|
|
@ -51,10 +51,10 @@ help:
|
|||
' make fmt Format Go sources under cmd/ and internal/' \
|
||||
' make tidy Run go mod tidy' \
|
||||
' make clean Remove built Go binaries and coverage artefacts' \
|
||||
' make smoke Build instrumented binaries, run scripts/smoke.sh, report coverage (needs KVM + sudo)' \
|
||||
' make smoke-fresh smoke-clean + smoke — forces first-install paths (migrations, image pull) into the coverage stamp' \
|
||||
' make smoke Build instrumented binaries, run the supported systemd smoke suite, report coverage (needs KVM + sudo)' \
|
||||
' make smoke-fresh smoke-clean + smoke — purges stale smoke-owned installs before a clean supported-path run' \
|
||||
' make smoke-coverage-html HTML coverage report from the last smoke run' \
|
||||
' make smoke-clean Remove the smoke build tree'
|
||||
' make smoke-clean Remove the smoke build tree and purge any stale smoke-owned system install'
|
||||
|
||||
build: $(BINARIES)
|
||||
|
||||
|
|
@ -143,14 +143,17 @@ clean:
|
|||
rm -rf "$(BUILD_BIN_DIR)" coverage.out coverage.html
|
||||
|
||||
# Smoke test suite. Builds the three banger binaries with -cover
|
||||
# instrumentation under $(SMOKE_BIN_DIR), runs scripts/smoke.sh
|
||||
# with GOCOVERDIR pointed at $(SMOKE_COVER_DIR), and prints the
|
||||
# resulting coverage. The smoke script fully isolates state via
|
||||
# XDG_* env vars pointing at a mktemp'd root, so the invoking
|
||||
# user's real banger install stays untouched.
|
||||
# instrumentation under $(SMOKE_BIN_DIR), installs them as temporary
|
||||
# bangerd.service + bangerd-root.service, runs scripts/smoke.sh, copies
|
||||
# service covdata out of /var/lib/banger, then purges the smoke-owned
|
||||
# install on exit.
|
||||
#
|
||||
# Requires a KVM-capable Linux host with sudo; fails fast via
|
||||
# `banger doctor` when either is missing. This is a pre-release
|
||||
# Unlike the old per-user daemon path, this touches global systemd
|
||||
# state. The smoke script refuses to overwrite a pre-existing non-smoke
|
||||
# install and uses a marker file so `make smoke-clean` can recover a
|
||||
# stale smoke-owned install after an interrupted run.
|
||||
#
|
||||
# Requires a KVM-capable Linux host with sudo. This is a pre-release
|
||||
# gate, not CI — the Go test suite is what runs everywhere.
|
||||
smoke-build: $(SMOKE_BIN_DIR)/.built
|
||||
|
||||
|
|
@ -178,15 +181,24 @@ smoke-coverage-html: smoke
|
|||
@echo 'wrote $(SMOKE_DIR)/cover.html'
|
||||
|
||||
smoke-clean:
|
||||
@if sudo test -f /etc/banger/.smoke-owned; then \
|
||||
bin=''; \
|
||||
if [ -x "$(SMOKE_BIN_DIR)/banger" ]; then \
|
||||
bin="$(abspath $(SMOKE_BIN_DIR))/banger"; \
|
||||
elif [ -x "$(BANGER_BIN)" ]; then \
|
||||
bin="$(abspath $(BANGER_BIN))"; \
|
||||
elif [ -x /usr/local/bin/banger ]; then \
|
||||
bin=/usr/local/bin/banger; \
|
||||
fi; \
|
||||
if [ -n "$$bin" ]; then \
|
||||
sudo "$$bin" system uninstall --purge >/dev/null 2>&1 || true; \
|
||||
fi; \
|
||||
fi
|
||||
rm -rf "$(SMOKE_DIR)"
|
||||
|
||||
# smoke-fresh wipes everything under $(SMOKE_DIR) (instrumented
|
||||
# binaries, coverage pods, persisted XDG state) and runs a full
|
||||
# smoke from scratch. Useful before a release tag: the regular
|
||||
# `make smoke` reuses the XDG state across runs to skip the ~290MB
|
||||
# image pull, which is fast but leaves migrations and image-upsert
|
||||
# paths cold on every run after the first. smoke-fresh pays the
|
||||
# time cost to stamp those paths into the coverage report too.
|
||||
# smoke-fresh wipes the instrumented build tree, purges any stale
|
||||
# smoke-owned install, and then runs the supported-path smoke suite
|
||||
# from scratch.
|
||||
smoke-fresh: smoke-clean smoke
|
||||
|
||||
install: build
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue