diff options
| author | Craig Jennings <c@cjennings.net> | 2026-06-30 07:56:41 -0400 |
|---|---|---|
| committer | Craig Jennings <c@cjennings.net> | 2026-06-30 07:56:41 -0400 |
| commit | 6bd832897813c730deb12768d1eb5b02af66ad20 (patch) | |
| tree | fdb3b76316deb14c6a8dfd39e3b7d03e06283c32 /docs | |
| parent | 394f3dbdadb29f7477d452634605f5c269aaed6f (diff) | |
| download | archsetup-6bd832897813c730deb12768d1eb5b02af66ad20.tar.gz archsetup-6bd832897813c730deb12768d1eb5b02af66ad20.zip | |
feat: install pre-pacman ZFS snapshot hook on ZFS-root systems
archsetup took sanoid from install-archzfs but never ported the pre-pacman snapshot hook, so a ZFS-root install had no transaction-triggered rollback point — the working setup only existed as a hand-placed script on velox, lost on reinstall. Add configure_pre_pacman_snapshots(): a PreTransaction pacman hook plus a self-pruning script that keeps the 10 most recent pre-pacman snapshots (sanoid ignores them — they aren't autosnap_ names). It's gated to ZFS-root and runs late in boot_ux, so the hook doesn't fire during the install's own package operations and the first snapshot is the fresh system.
The script ships as scripts/zfs-pre-snapshot, made ZFS_PRE_* env-overridable so the pruning logic is unit-testable. Unit tests drive it against a fake zfs (creates a snapshot, prunes the oldest past KEEP, ignores non-pre-pacman snapshots, honors the lockfile interval, warns on failure); a Testinfra test asserts the hook and script land on a ZFS install; the orchestrator test pins the new boot_ux substep.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/design/2026-06-29-zfs-pre-snapshot-installer.org | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/docs/design/2026-06-29-zfs-pre-snapshot-installer.org b/docs/design/2026-06-29-zfs-pre-snapshot-installer.org index 413bfa5..e5a339e 100644 --- a/docs/design/2026-06-29-zfs-pre-snapshot-installer.org +++ b/docs/design/2026-06-29-zfs-pre-snapshot-installer.org @@ -78,10 +78,29 @@ else fi #+end_src -* Open items before implementation - -- Source or write =/etc/pacman.d/hooks/zfs-snapshot.hook= (the trigger). -- Decide the exact insertion point in the ZFS-root install path. -- Add a ZFS-root VM test asserting the hook + script land and the script - self-prunes past =KEEP=. -- Correct the stale 2026-01-17 security-doc line. +* Implementation (2026-06-30) + +- Hook sourced from velox (=/etc/pacman.d/hooks/zfs-snapshot.hook=) and embedded + as a heredoc in =configure_pre_pacman_snapshots()=. +- Insertion point: a new =configure_pre_pacman_snapshots()= gated on + =is_zfs_root=, called from =boot_ux= (the last step) so the hook doesn't fire + during the install's own package operations — the first pre-pacman snapshot is + the fresh system. The script ships as =scripts/zfs-pre-snapshot= (the + =zfs-replicate= pattern), made =ZFS_PRE_*=-env-overridable for testability. +- Tests: =tests/zfs-pre-snapshot/= unit-tests the pruning logic against a fake + =zfs= (creates, prunes oldest-past-KEEP, ignores non-=pre-pacman_= snapshots, + honors the lockfile, warns on snapshot failure); =test_boot.py= asserts the + hook + script land on a ZFS install; the orchestrator test pins the new + =boot_ux= substep. + +* Note on the "stale security doc" + +The 2026-01-17 line "ZFS pre-pacman snapshots (already in install-archzfs)" is +*not* stale: that file is an archive generated by install-archzfs (see its +header and footer), and the claim is accurate for install-archzfs. The real gap +was that archsetup took sanoid from install-archzfs but never ported the +pre-pacman hook. This change ports it. The archive is left untouched. + +* Remaining + +- ZFS-root VM verification (=make test FS_PROFILE=zfs=) before the task closes. |