Merge pull request #3718 from rina23q/improve/3693/add-immediate-parent-dir-control-to-config-mamagement

feat: create parent directories if missing for config_update operation

Author: rina23q

crates/common/tedge_utils/src/atomic.rs

@@ -20,6 +20,7 @@ use std::os::unix::fs::MetadataExt;
 use std::os::unix::fs::PermissionsExt;
 use std::path::Path;
 
+use crate::file::PermissionEntry;
 use anyhow::Context;
 
 /// Writes a file atomically and optionally sets its permissions.
@@ -112,12 +113,35 @@ fn target_permissions(dest: &Path, permissions: &MaybePermissions) -> anyhow::Re
     Ok(Permissions { uid, gid, mode })
 }
 
+#[derive(Debug)]
 pub struct MaybePermissions {
     pub uid: Option<u32>,
     pub gid: Option<u32>,
     pub mode: Option<u32>,
 }
 
+impl TryFrom<&PermissionEntry> for MaybePermissions {
+    type Error = anyhow::Error;
+
+    fn try_from(value: &PermissionEntry) -> Result<Self, Self::Error> {
+        let uid = value
+            .user
+            .as_ref()
+            .map(|u| uzers::get_user_by_name(&u).with_context(|| format!("no such user: '{u}'")))
+            .transpose()?
+            .map(|u| u.uid());
+        let gid = value
+            .group
+            .as_ref()
+            .map(|g| uzers::get_group_by_name(&g).with_context(|| format!("no such group: '{g}'")))
+            .transpose()?
+            .map(|g| g.gid());
+        let mode = value.mode;
+
+        Ok(Self { uid, gid, mode })
+    }
+}
+
 struct Permissions {
     uid: u32,
     gid: u32,

crates/common/tedge_utils/src/file.rs

@@ -79,6 +79,7 @@ pub async fn create_directory<P: AsRef<Path>>(
 ) -> Result<(), FileError> {
     permissions.create_directory(dir.as_ref()).await
 }
+
 /// Create the directory owned by the user running this API with default directory permissions
 pub async fn create_directory_with_defaults<P: AsRef<Path>>(dir: P) -> Result<(), FileError> {
     create_directory(dir, &PermissionEntry::default()).await
@@ -264,6 +265,27 @@ impl PermissionEntry {
         Ok(())
     }
 
+    pub fn apply_sync(self, path: &Path) -> Result<(), FileError> {
+        match (self.user, self.group) {
+            (Some(user), Some(group)) => {
+                change_user_and_group_sync(path, &user, &group)?;
+            }
+            (Some(user), None) => {
+                change_user_sync(path, &user)?;
+            }
+            (None, Some(group)) => {
+                change_group_sync(path, &group)?;
+            }
+            (None, None) => {}
+        }
+
+        if let Some(mode) = &self.mode {
+            change_mode_sync(path, *mode)?;
+        }
+
+        Ok(())
+    }
+
     async fn create_directory(&self, dir: &Path) -> Result<(), FileError> {
         match dir.parent() {
             None => return Ok(()),
@@ -383,9 +405,9 @@ pub async fn change_user_and_group(
         .unwrap()
 }
 
-pub fn change_user_and_group_sync(file: &Path, user: &str, group: &str) -> Result<(), FileError> {
-    let metadata = get_metadata_sync(file)?;
-    debug!("Changing ownership of file: {file:?} with user: {user} and group: {group}",);
+pub fn change_user_and_group_sync(path: &Path, user: &str, group: &str) -> Result<(), FileError> {
+    let metadata = get_metadata_sync(path)?;
+    debug!("Changing ownership of path: {path:?} with user: {user} and group: {group}",);
     let ud = get_user_by_name(&user)
         .map(|u| u.uid())
         .ok_or_else(|| FileError::UserNotFound {
@@ -405,9 +427,9 @@ pub fn change_user_and_group_sync(file: &Path, user: &str, group: &str) -> Resul
 
     // if user and group are same as existing, then do not change
     if (ud != uid) || (gd != gid) {
-        chown(file, Some(Uid::from_raw(ud)), Some(Gid::from_raw(gd))).map_err(|e| {
+        chown(path, Some(Uid::from_raw(ud)), Some(Gid::from_raw(gd))).map_err(|e| {
             FileError::MetaDataError {
-                name: file.display().to_string(),
+                name: path.display().to_string(),
                 from: e.into(),
             }
         })?;

crates/core/tedge_write/src/api.rs

@@ -35,27 +35,8 @@ impl CopyOptions<'_> {
     ///
     /// Stdin and Stdout are UTF-8.
     pub fn copy(self) -> anyhow::Result<()> {
-        let mut command = self.command()?;
-
-        let output = command.output();
-
-        let program = command.get_program().to_string_lossy();
-        let output = output.with_context(|| format!("failed to start process '{program}'"))?;
-
-        if !output.status.success() {
-            let stderr = String::from_utf8_lossy(&output.stderr);
-            let stderr = stderr.trim();
-            let err = match output.status.code() {
-                Some(exit_code) => anyhow!(
-                    "process '{program}' returned non-zero exit code ({exit_code}); stderr=\"{stderr}\""
-                ),
-                None => anyhow!("process '{program}' was terminated; stderr=\"{stderr}\""),
-            };
-
-            return Err(err);
-        }
-
-        Ok(())
+        let command = self.command()?;
+        execute(command)
     }
 
     fn command(&self) -> anyhow::Result<Command> {
@@ -83,6 +64,80 @@ impl CopyOptions<'_> {
     }
 }
 
+/// Options for creating directories using a `tedge-write` process.
+#[derive(Debug, PartialEq)]
+pub struct CreateDirsOptions<'a> {
+    /// Destination directory path
+    pub dir_path: &'a Utf8Path,
+
+    /// User's sudo preference, received from TedgeConfig
+    pub sudo: SudoCommandBuilder,
+
+    /// Permission mode for the immediate directory, in octal form.
+    pub mode: Option<u32>,
+
+    /// User which will become the new owner of the immediate directory.
+    pub user: Option<&'a str>,
+
+    /// Group which will become the new owner of the immediate directory.
+    pub group: Option<&'a str>,
+}
+
+impl CreateDirsOptions<'_> {
+    /// Creates the directories by spawning new tedge-write process.
+    ///
+    /// Stdout are UTF-8.
+    pub fn create(self) -> anyhow::Result<()> {
+        let command = self.command()?;
+        execute(command)
+    }
+
+    fn command(&self) -> anyhow::Result<Command> {
+        // if tedge-write is in PATH of tedge process, use it, if not, defer PATH lookup to sudo
+        let tedge_write_binary =
+            which::which_global(TEDGE_WRITE_BINARY).unwrap_or(TEDGE_WRITE_BINARY.into());
+
+        let mut command = self.sudo.command(tedge_write_binary);
+
+        command.arg(self.dir_path);
+        command.arg("--create-dirs-only");
+
+        if let Some(mode) = self.mode {
+            command.arg("--parent-mode").arg(format!("{mode:o}"));
+        }
+        if let Some(user) = self.user {
+            command.arg("--parent-user").arg(user);
+        }
+        if let Some(group) = self.group {
+            command.arg("--parent-group").arg(group);
+        }
+
+        Ok(command)
+    }
+}
+
+fn execute(mut command: Command) -> anyhow::Result<()> {
+    let output = command.output();
+
+    let program = command.get_program().to_string_lossy();
+    let output = output.with_context(|| format!("failed to start process '{program}'"))?;
+
+    if !output.status.success() {
+        let stderr = String::from_utf8_lossy(&output.stderr);
+        let stderr = stderr.trim();
+        let err = match output.status.code() {
+            Some(exit_code) => anyhow!(
+                    "process '{program}' returned non-zero exit code ({exit_code}); stderr=\"{stderr}\""
+                ),
+            None => anyhow!("process '{program}' was terminated; stderr=\"{stderr}\""),
+        };
+
+        return Err(err);
+    }
+
+    Ok(())
+}
+
 #[cfg(test)]
 mod tests {
     use std::os::unix::fs::PermissionsExt;

crates/core/tedge_write/src/bin.rs

@@ -2,11 +2,14 @@
 
 use anyhow::bail;
 use anyhow::Context;
+use camino::Utf8Path;
 use camino::Utf8PathBuf;
+use clap::arg;
 use clap::Parser;
 use tedge_config::cli::CommonArgs;
 use tedge_config::log_init;
 use tedge_utils::atomic::MaybePermissions;
+use tedge_utils::file::PermissionEntry;
 
 /// tee-like helper for writing to files which `tedge` user does not have write permissions to.
 ///
@@ -19,6 +22,10 @@ pub struct Args {
     /// If the file does not exist, it will be created with the specified owner/group/permissions.
     /// If the file does exist, it will be overwritten, but its owner/group/permissions will remain
     /// unchanged.
+    ///
+    /// If parent directories are missing, they will be created and the specified parent permissions
+    /// will be applied only to the immediate parent.
+    /// If the parents exist, they will remain unchanged.
     destination_path: Utf8PathBuf,
 
     /// Permission mode for the file, in octal form.
@@ -33,6 +40,22 @@ pub struct Args {
     #[arg(long)]
     group: Option<Box<str>>,
 
+    /// Only create all parent directories if they are missing.
+    #[arg(long)]
+    create_dirs_only: bool,
+
+    /// Permission mode for the immediate parent directory, in octal form.
+    #[arg(long)]
+    parent_mode: Option<Box<str>>,
+
+    /// User which will become the new owner of the immediate parent directory.
+    #[arg(long)]
+    parent_user: Option<Box<str>>,
+
+    /// Group which will become the new owner of the immediate parent directory.
+    #[arg(long)]
+    parent_group: Option<Box<str>>,
+
     #[command(flatten)]
     common: CommonArgs,
 }
@@ -60,45 +83,80 @@ pub fn run(args: Args) -> anyhow::Result<()> {
     }
 
     // unwrap is safe because clean returns an utf8 path when given an utf8 path
-    let target_filepath: Utf8PathBuf = path_clean::clean(args.destination_path.as_std_path())
+    let target_path: Utf8PathBuf = path_clean::clean(args.destination_path.as_std_path())
         .try_into()
         .unwrap();
 
-    if target_filepath != *args.destination_path {
+    if target_path != *args.destination_path {
         bail!(
             "Destination path {} is not canonical",
             args.destination_path
         );
     }
 
-    let mode = args
-        .mode
+    // Create the parent directories if they are missing
+    if args.create_dirs_only {
+        if !target_path.exists() {
+            create_parent_dirs(&args, &target_path)?;
+        }
+        return Ok(());
+    }
+
+    // what permissions we want to set if the file doesn't exist
+    let file_permissions = get_permissions(args.mode, args.user, args.group)?;
+
+    let src = std::io::stdin().lock();
+
+    tedge_utils::atomic::write_file_atomic_set_permissions_if_doesnt_exist(
+        src,
+        &target_path,
+        &file_permissions,
+    )
+    .with_context(|| format!("failed to write to destination file '{target_path}'"))?;
+
+    Ok(())
+}
+
+fn create_parent_dirs(args: &Args, dir_path: &Utf8Path) -> anyhow::Result<()> {
+    let parent_permissions = PermissionEntry::new(
+        args.parent_user.clone().map(|s| s.into()),
+        args.parent_group.clone().map(|s| s.into()),
+        args.parent_mode
+            .clone()
+            .map(|m| u32::from_str_radix(&m, 8).with_context(|| format!("invalid mode: {m}")))
+            .transpose()?,
+    );
+
+    match std::fs::create_dir_all(dir_path) {
+        Ok(_) => {
+            parent_permissions.apply_sync(dir_path.as_std_path())?;
+        }
+        Err(err) => {
+            bail!("failed to create parent directories. path: '{dir_path}', error: '{err}'");
+        }
+    }
+
+    Ok(())
+}
+
+fn get_permissions(
+    mode: Option<Box<str>>,
+    user: Option<Box<str>>,
+    group: Option<Box<str>>,
+) -> anyhow::Result<MaybePermissions> {
+    let mode = mode
         .map(|m| u32::from_str_radix(&m, 8).with_context(|| format!("invalid mode: {m}")))
         .transpose()?;
 
-    let uid = args
-        .user
+    let uid = user
         .map(|u| uzers::get_user_by_name(&*u).with_context(|| format!("no such user: '{u}'")))
         .transpose()?
         .map(|u| u.uid());
 
-    let gid = args
-        .group
+    let gid = group
         .map(|g| uzers::get_group_by_name(&*g).with_context(|| format!("no such group: '{g}'")))
         .transpose()?
         .map(|g| g.gid());
 
-    // what permissions we want to set if the file doesn't exist
-    let permissions = MaybePermissions { uid, gid, mode };
-
-    let src = std::io::stdin().lock();
-
-    tedge_utils::atomic::write_file_atomic_set_permissions_if_doesnt_exist(
-        src,
-        &target_filepath,
-        &permissions,
-    )
-    .with_context(|| format!("failed to write to destination file '{target_filepath}'"))?;
-
-    Ok(())
+    Ok(MaybePermissions { uid, gid, mode })
 }

crates/core/tedge_write/src/lib.rs

@@ -30,3 +30,4 @@ pub mod bin;
 mod api;
 
 pub use api::CopyOptions;
+pub use api::CreateDirsOptions;