chore: Release init version 2.6.10

chore
factorize mounting read-only filesystems (squashfs, erofs)
2026-06-11 12:11:39 +02:00 · 2026-06-11 12:08:42 +02:00 · 2026-06-11 11:35:50 +02:00 · 2026-06-09 16:06:20 +02:00 · 2026-06-09 16:06:14 +02:00 · 2026-06-09 16:05:19 +02:00
18 changed files with 306 additions and 138 deletions
@@ -126,9 +126,9 @@ checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
 [[package]]
 name = "bitflags"
-version = "2.11.1"
+version = "2.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c4512299f36f043ab09a583e57bceb5a5aab7a73db1805848e8fef3c9e8c78b3"
+checksum = "b4388bee8683e3d04af747c73422af53102d2bd24d9eadb6cbc100baef4b43f8"
 [[package]]
 name = "blake2b_simd"
@@ -185,9 +185,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
 [[package]]
 name = "chrono"
-version = "0.4.44"
+version = "0.4.45"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c673075a2e0e5f4a1dde27ce9dee1ea4558c7ffe648f576438a20ca1d2acc4b0"
+checksum = "1aa79e62e7697b8e29b513a68abacf485adcd1fe8284a4316c5ae868e6633327"
 dependencies = [
 "iana-time-zone",
 "num-traits",
@@ -321,7 +321,7 @@ dependencies = [
 [[package]]
 name = "dkl"
 version = "1.2.1"
-source = "git+https://novit.tech/direktil/dkl#97c25f6b20e85af5544c51ed1bcb93b9e10594f5"
+source = "git+https://novit.tech/direktil/dkl#34a77eb436f104b77e9ab3d9396b4f452b8cca34"
 dependencies = [
 "async-compression",
 "base32",
@@ -418,6 +418,16 @@ version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9f1f227452a390804cdb637b74a86990f2a7d7ba4b7d5693aac9b4dd6defd8d6"
 [[package]]
 name = "filetime"
 version = "0.2.29"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5c287a33c7f0a620c38e641e7f60827713987b3c0f26e8ddc9462cc69cf75759"
 dependencies = [
 "cfg-if",
 "libc",
 ]
 [[package]]
 name = "find-msvc-tools"
 version = "0.1.9"
@@ -608,9 +618,9 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
 [[package]]
 name = "http"
-version = "1.4.1"
+version = "1.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8be7462df143984c4598a256ef469b251d7d7f9e271135073e78fc535414f3d0"
+checksum = "6970f50e31d6fc17d3fa27329444bfa74e196cf62e95052a3f6fee181dba6425"
 dependencies = [
 "bytes",
 "itoa",
@@ -882,7 +892,7 @@ dependencies = [
 [[package]]
 name = "init"
-version = "2.6.7"
+version = "2.6.10"
 dependencies = [
 "dkl",
 "env_logger",
@@ -901,6 +911,7 @@ dependencies = [
 "serde_yaml",
 "shell-escape",
 "sys-info",
 "tar",
 "termios",
 "tokio",
 "unix_mode",
@@ -978,13 +989,12 @@ dependencies = [
 [[package]]
 name = "js-sys"
-version = "0.3.99"
+version = "0.3.100"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "142bc4740e452c1e57ade0cbc129f139c9093e354346f0872ef985f4f5cf5f11"
+checksum = "f2025f20d7a4fa7785846e7b63d10a76d3f1cee98ee5cb79ea59703f95e42162"
 dependencies = [
 "cfg-if",
 "futures-util",
 "once_cell",
 "wasm-bindgen",
 ]
@@ -1014,9 +1024,9 @@ checksum = "92daf443525c4cce67b150400bc2316076100ce0b3686209eb8cf3c31612e6f0"
 [[package]]
 name = "log"
-version = "0.4.30"
+version = "0.4.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "616ec5685824bcc94416c6d4a7a446eea774a31efd7062c8480ba6fd06d7a6e5"
+checksum = "953f07c43838f8e6f9758cab68bf5bed85465e7587ebe0b823f1bcd81978ad3a"
 [[package]]
 name = "lz4"
@@ -1280,9 +1290,9 @@ checksum = "f8dcc9c7d52a811697d2151c701e0d08956f92b0e24136cf4cf27b57a6a0d9bf"
 [[package]]
 name = "regex"
-version = "1.12.3"
+version = "1.12.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e10754a14b9137dd7b1e3e5b0493cc9171fdd105e0ab477f51b72e7f3ac0e276"
+checksum = "f1292b7759ae1cb9ec195452d1390a074f0cd8541ab7a5a8c31cd6db45d4a6ba"
 dependencies = [
 "aho-corasick",
 "memchr",
@@ -1303,9 +1313,9 @@ dependencies = [
 [[package]]
 name = "regex-syntax"
-version = "0.8.10"
+version = "0.8.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
+checksum = "d6f6ff9a378485b298a5286656da665ba74413d36db0979633275d2e708145d4"
 [[package]]
 name = "reqwest"
@@ -1379,9 +1389,9 @@ dependencies = [
 [[package]]
 name = "rpassword"
-version = "7.5.3"
+version = "7.5.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "835a57a69104632d64deb0df2e09a69945cd7a6eab4070fc9b1d7e50cf6c3edc"
+checksum = "2da316a15f47e3d053de9cb2c439650bd8fa4aaeb9365f2e5f27f492ff73c196"
 dependencies = [
 "libc",
 "rtoolbox",
@@ -1709,6 +1719,16 @@ dependencies = [
 "syn",
 ]
 [[package]]
 name = "tar"
 version = "0.4.46"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3f6221d9a6003c78398e3b239969f352578258df48c8eb051caadae0015bc840"
 dependencies = [
 "filetime",
 "libc",
 ]
 [[package]]
 name = "tempfile"
 version = "3.27.0"
@@ -1985,9 +2005,9 @@ dependencies = [
 [[package]]
 name = "wasm-bindgen"
-version = "0.2.122"
+version = "0.2.123"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3ed04576f974d2b2fba0f38c51dbc5518011e38c36bf1143164be765528fd409"
+checksum = "a254a4b10c19a76f09a27640e7ffbf9bc30bf67e16a3bf28aaefa4920fe81563"
 dependencies = [
 "cfg-if",
 "once_cell",
@@ -1998,9 +2018,9 @@ dependencies = [
 [[package]]
 name = "wasm-bindgen-futures"
-version = "0.4.72"
+version = "0.4.73"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9473dbd2991ae90b6291c3c32c30c6187ac49aa32f9905d1cce280ec1e110b0f"
+checksum = "54568702fabf5d4849ce2b90fadfa64168a097eaf4b351ce9df8b687a0086aaf"
 dependencies = [
 "js-sys",
 "wasm-bindgen",
@@ -2008,9 +2028,9 @@ dependencies = [
 [[package]]
 name = "wasm-bindgen-macro"
-version = "0.2.122"
+version = "0.2.123"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "916151b09da36bd82f6615cbf3a419e2f0ba23a03c6160e8e92eb6bd4aa1dec6"
+checksum = "24a40fc75b0ec6f3746ceb10d36f53a93dcd68a93b11b6445983945d79eba0dc"
 dependencies = [
 "quote",
 "wasm-bindgen-macro-support",
@@ -2018,9 +2038,9 @@ dependencies = [
 [[package]]
 name = "wasm-bindgen-macro-support"
-version = "0.2.122"
+version = "0.2.123"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "299047362ccbfce148b67ab7e73349f77748e00c8296f9542adfad2ad82c5c5e"
+checksum = "908f34bd9b9ce3d4caf07b72dfab63d61504d156856c6bd3cd87fa350cf3985b"
 dependencies = [
 "bumpalo",
 "proc-macro2",
@@ -2031,9 +2051,9 @@ dependencies = [
 [[package]]
 name = "wasm-bindgen-shared"
-version = "0.2.122"
+version = "0.2.123"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9a929b2c61f11ba3e9bc35b50c1f25cb38e0e892c0c231ae2b8cf78d5dad4437"
+checksum = "7acbf7616c27b194bbb550bf77ed0c2c3e5b7fd1260a93082b95fb7f47959b92"
 dependencies = [
 "unicode-ident",
 ]
@@ -2087,9 +2107,9 @@ dependencies = [
 [[package]]
 name = "web-sys"
-version = "0.3.99"
+version = "0.3.100"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6d621441cfc37b84979402712047321980c178f299193a3589d05b99e8763436"
+checksum = "6e0871acf327f283dc6da28a1696cdc64fb355ba9f935d052021fa77f35cce69"
 dependencies = [
 "js-sys",
 "wasm-bindgen",
@@ -2445,9 +2465,9 @@ checksum = "1ffae5123b2d3fc086436f8834ae3ab053a283cfac8fe0a0b8eaae044768a4c4"
 [[package]]
 name = "yoke"
-version = "0.8.2"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "abe8c5fda708d9ca3df187cae8bfb9ceda00dd96231bed36e445a1a48e66f9ca"
+checksum = "709fe23a0424b6a435d82152b1bd3fdfb0833487d5fa90d05d42762a9891fef5"
 dependencies = [
 "stable_deref_trait",
 "yoke-derive",
@@ -1,6 +1,6 @@
 [package]
 name = "init"
-version = "2.6.7"
+version = "2.6.10"
 edition = "2024"
 [profile.release]
@@ -32,3 +32,4 @@ openssl = "0.10.73"
 reqwest = { git = "https://github.com/mcluseau/rs-reqwest", version = "0.13.1", features = ["native-tls", "system-proxy", "socks"], default-features = false }
 glob = "0.3.3"
 hex = "0.4.3"
 tar = { version = "0.4.46", default-features = false }
@@ -0,0 +1,62 @@
 #! /bin/bash
 base_initrd=dist/initrd
 flavor=dhcp
 dir=tmp/$flavor-initrd
 dist=dist/$flavor
 uki=$dist/bootx64.efi
 linux_v=6.18.34
 set -ex
 mkdir -p tmp/dl $dist
 linux=tmp/dl/linux-$linux_v
 modules=tmp/dl/modules-$linux_v
 [ -e $linux ]   || curl -o $linux   https://dkl.novit.io/dist/kernels/6.18.35
 [ -e $modules ] || curl -o $modules https://dkl.novit.io/dist/layers/modules/6.18.35.erofs
 rm -fr $dir
 mkdir $dir
 cpio --quiet --extract --file $base_initrd --directory $dir
 cp -rv $flavor/. $dir
 cp $modules $dir/modules.fs
 (cd $dir && find * |cpio --create -H newc -R 0:0) >$dir.cpio
 if cpio -tF $dir.cpio 2>&1 |grep bytes.of.junk; then echo "bad cpio archive"; exit 1; fi
 zstd -12 -T0 -vf $dir.cpio &&
 mv $dir.cpio.zst $dist/initrd
 cp $linux $dist/vmlinuz
 ukify build --output $uki --os-release "Direktil DHCP" \
    --linux $linux --initrd $dist/initrd
 MB=$(( 2**20 ))
 sz=$(( ( $(stat -c %s $uki) + MB ) / MB + 2 ))
 efi=$dist/efi.img
 if [ -e $efi ]; then rm $efi; fi
 truncate -s ${sz}M $efi
 sgdisk -n 1:2048:0 -t 1:ef00 -c 1:"EFI System" $efi
 offset=$(( 2048 * 512 ))
 export MTOOLSRC=$(mktemp)
 trap "rm -f $MTOOLSRC" exit
 echo "drive e: file=\"$efi\" offset=$offset" >$MTOOLSRC
 args="-i $efi@@$offset"
 mformat -F e:
 mmd e:EFI e:EFI/BOOT
 mcopy $uki e:EFI/BOOT/BOOTX64.EFI
@@ -1,7 +1,7 @@
 use std::process::Command;
 fn main() {
    let output = Command::new("git")
-        .args(&["rev-parse", "HEAD"])
+        .args(["rev-parse", "HEAD"])
        .output()
        .unwrap();
    let git_commit = String::from_utf8(output.stdout).unwrap();
@@ -0,0 +1,37 @@
 ---
 anti_phishing_code: "direktil<3"
 modules: /modules.fs
 auths:
  - name:     adm1@novit
    sshKey:   ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkpbU6sf4t0f6XAv9DuW3XH5iLM0AI5rc8PT2jwea1N
  - name:     adm2@novit
    sshKey:   ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILIomzqVAIqb7BedauhAo2VgbLqme5Jx/vjGUqZLoJqF
 ssh:
  listen: "[::]:22"
 networks:
 - name: loopback
  interfaces: [ { var: iface, n: 1, udev: !eq [INTERFACE, lo] } ]
  script: |
    ip a add 127.0.0.1/8 dev lo
    ip a add ::1/128 dev lo
    ip li set lo up
 - name: main
  interfaces:
  - var: ifaces
    n: -1
    udev: !has ID_NET_NAME_MAC
  script: |
    ip link add main type bond mode active-backup
    for l in $ifaces; do
      ip link set $l master main
      ip link set $l up
    done
    ip link set main up
    udhcpc -b -i main
 bootstrap:
  dev: /dev/storage/bootstrap
@@ -1,10 +1,10 @@
-use eyre::{format_err, Result};
+use eyre::{Result, format_err};
 use log::{error, info, warn};
 use std::collections::BTreeSet as Set;
 use std::convert::Infallible;
 use std::os::unix::fs::symlink;
 use tokio::sync::Mutex;
-use tokio::{fs, process::Command};
+use tokio::{fs, io::AsyncReadExt, process::Command};
 use crate::{cmd::version::version_string, dklog, input, utils};
 use dkl::bootstrap::Config;
@@ -154,7 +154,8 @@ use std::path::Path;
 async fn mount_modules(modules: &str, kernel_version: &str) -> Result<()> {
    info!("mounting modules");
-    mount(Some(modules), "/modules", "squashfs", None).await;
+
    mount_ro_fs(modules, "/modules").await?;
    fs::create_dir_all("/lib/modules").await?;
    let modules_path = &format!("/modules/lib/modules/{kernel_version}");
@@ -166,6 +167,13 @@ async fn mount_modules(modules: &str, kernel_version: &str) -> Result<()> {
    }
    symlink(modules_path, format!("/lib/modules/{kernel_version}"))?;
    let firmware_path = &format!("/modules/lib/firmware/{kernel_version}");
    if std::fs::exists(firmware_path)? {
        fs::create_dir_all("/lib/firmware").await?;
        symlink(firmware_path, format!("/lib/firmware/{kernel_version}"))?;
    }
    Ok(())
 }
@@ -201,6 +209,8 @@ async fn mount<S: AsRef<Path>>(
            is_file = (fs::metadata(src).await)
                .map_err(|e| format_err!("stat {src} failed: {e}"))?
                .is_file();
            #[allow(clippy::single_match)] // may be extended later
            match fstype {
                "ext4" => {
                    exec("fsck.ext4", &["-p", src]).await;
@@ -236,6 +246,35 @@ async fn mount<S: AsRef<Path>>(
    .await
 }
 async fn mount_ro_fs(src: impl AsRef<Path>, dst: impl AsRef<Path>) -> Result<()> {
    let src = src.as_ref();
    let dst = dst.as_ref();
    // identify RO fs type
    let mut buf = [0u8; 1028];
    fs::File::open(src)
        .await
        .map_err(|e| format_err!("open {}: {e}", src.display()))?
        .read_exact(&mut buf)
        .await
        .map_err(|e| format_err!("read {}: {e}", src.display()))?;
    let fstype = if buf[1024..1028] == 0xE0F5E1E2u32.to_le_bytes() {
        "erofs"
    } else {
        "squashfs"
    };
    if let Err(e) = fs::create_dir_all(dst).await {
        error!("failed to create dir {dst}: {e}", dst = dst.display());
    }
    let mut cmd = Command::new("mount");
    cmd.args(["-t", fstype]).arg(src).arg(dst);
    try_exec_cmd(cmd).await
 }
 async fn start_daemon(prog: &str, args: &[&str]) {
    let (cmd_str, mut cmd) = cmd_str(prog, args);
    retry_or_ignore(async || {
@@ -246,7 +285,7 @@ async fn start_daemon(prog: &str, args: &[&str]) {
    .await;
 }
-async fn try_exec_cmd(mut cmd: tokio::process::Command) -> Result<()> {
+async fn try_exec_cmd(mut cmd: Command) -> Result<()> {
    info!(
        "# {} {}",
        cmd.as_std().get_program().to_string_lossy(),
@@ -348,9 +387,9 @@ fn cmd_str(prog: &str, args: &[&str]) -> (String, Command) {
 #[allow(unused)]
 async fn child_reaper() {
-    use nix::sys::wait::{waitpid, WaitPidFlag};
+    use nix::sys::wait::{WaitPidFlag, waitpid};
    use nix::unistd::Pid;
-    use tokio::signal::unix::{signal, SignalKind};
+    use tokio::signal::unix::{SignalKind, signal};
    let Ok(mut sigs) =
        signal(SignalKind::child()).inspect_err(|e| warn!("failed to setup SIGCHLD handler: {e}"))
@@ -368,7 +407,7 @@ async fn switch_root(root: &str) -> Result<Infallible> {
    info!("killing all processes and switching root");
    dklog::LOG.close().await;
-    use nix::sys::signal::{kill, SIGKILL};
+    use nix::sys::signal::{SIGKILL, kill};
    use nix::unistd::Pid;
    if let Err(e) = kill(Pid::from_raw(-1), SIGKILL) {
@@ -1,9 +1,9 @@
-use eyre::{format_err, Result};
+use eyre::{Result, format_err};
 use log::{debug, info, warn};
 use std::path::{Path, PathBuf};
 use tokio::{
    fs,
-    io::{AsyncBufReadExt, AsyncReadExt, AsyncWrite, AsyncWriteExt, BufReader},
+    io::{AsyncBufReadExt, AsyncWrite, AsyncWriteExt, BufReader},
 };
 use dkl::{
@@ -13,7 +13,7 @@ use dkl::{
    bootstrap::Config,
 };
-use super::{exec, mount, retry, retry_or_ignore, try_exec, try_exec_cmd};
+use super::{exec, mount, mount_ro_fs, retry, retry_or_ignore, try_exec, try_exec_cmd};
 use crate::{fs::walk_dir, utils};
 pub async fn bootstrap(cfg: Config) {
@@ -49,7 +49,7 @@ pub async fn bootstrap(cfg: Config) {
    .await;
    let sys_cfg: dkl::Config = retry(async || {
-        let sys_cfg_bytes = seed_config(base_dir, &bs, &verifier).await?;
+        let sys_cfg_bytes = seed_config(base_dir, bs, &verifier).await?;
        Ok(serde_yaml::from_slice(&sys_cfg_bytes)?)
    })
    .await;
@@ -117,7 +117,7 @@ impl Verifier {
        let pubkey = base64_decode(pubkey)?;
        let pubkey = Some(pubkey);
-        return Ok(Self { pubkey });
+        Ok(Self { pubkey })
    }
    async fn verify_path(&self, path: impl AsRef<Path>) -> Result<Vec<u8>> {
@@ -152,33 +152,48 @@ impl Verifier {
 }
 async fn seed_config(
-    base_dir: &str,
+    base_dir: impl Into<PathBuf>,
    bs: &dkl::bootstrap::Bootstrap,
    verifier: &Verifier,
 ) -> Result<Vec<u8>> {
-    let cfg_path = &format!("{base_dir}/config.yaml");
+    let base_dir = base_dir.into();
-    if fs::try_exists(cfg_path).await? {
+    let cfg_path = base_dir.join("config.yaml");
-        return Ok(fs::read(cfg_path).await?);
+
    if fs::try_exists(&cfg_path).await? {
        return verifier.verify_path(cfg_path).await;
    }
    let bs_tar = "/bootstrap.tar";
-    if !fs::try_exists(bs_tar).await? {
+    if !fs::try_exists(&bs_tar).await? {
        if bs.seed.is_none() {
            return Err(format_err!(
-                "no {cfg_path}, no {bs_tar} and no seed URL, can't bootstrap"
+                "no {}, no {bs_tar} and no seed URL, can't bootstrap",
                cfg_path.display()
            ));
        }
        fetch_bootstrap(bs, bs_tar).await?;
    }
-    try_exec("tar", &["xf", bs_tar, "-C", base_dir]).await?;
+    let tmp_dir = base_dir.with_added_extension("new");
    fs::create_dir_all(&tmp_dir).await?;
-    if !fs::try_exists(cfg_path).await? {
+    untar(bs_tar, &tmp_dir)
-        return Err(format_err!("{cfg_path} does not exist after seeding"));
+        .await
        .map_err(|e| format_err!("untar failed: {e}"))?;
    let cfg_path = tmp_dir.join("config.yaml");
    if !fs::try_exists(&cfg_path).await? {
        return Err(format_err!(
            "{} does not exist after seeding",
            cfg_path.display()
        ));
    }
-    verifier.verify_path(&cfg_path).await
+    let cfg_bytes = verifier.verify_path(&cfg_path).await?;
    fs::rename(tmp_dir, base_dir).await?;
    Ok(cfg_bytes)
 }
 async fn fetch_bootstrap(bs: &dkl::bootstrap::Bootstrap, output_file: &str) -> Result<()> {
@@ -229,6 +244,18 @@ async fn fetch_bootstrap(bs: &dkl::bootstrap::Bootstrap, output_file: &str) -> R
    Ok(())
 }
 async fn untar(arch: impl Into<PathBuf>, target: impl Into<PathBuf>) -> Result<()> {
    let arch = arch.into();
    let target = target.into();
    tokio::task::spawn_blocking(move || {
        let tar = std::fs::File::open(arch)?;
        let mut tar = tar::Archive::new(tar);
        tar.unpack(target)
    })
    .await??;
    Ok(())
 }
 fn default_root_tmpfs_opts() -> Option<String> {
    let mem = sys_info::mem_info()
        .inspect_err(|e| warn!("failed to get system memory info, using default tmpfs size: {e}"))
@@ -284,7 +311,7 @@ impl LayerMounter<'_> {
                    .await
                    .map_err(|e| format_err!("write {}: {e}", tgt.display()))?;
-                let dm_name = &format!("system");
+                let dm_name = "system";
                let mut cmd = tokio::process::Command::new("veritysetup");
                cmd.arg("open")
@@ -313,25 +340,7 @@ impl LayerMounter<'_> {
            .await
        };
-        retry(async || {
+        retry(async || mount_ro_fs(&mount_src, &tgt_dir).await).await;
            let mut buf = [0u8; 1028];
            fs::File::open(&mount_src)
                .await
                .map_err(|e| format_err!("open {}: {e}", mount_src.display()))?
                .read_exact(&mut buf)
                .await
                .map_err(|e| format_err!("read {}: {e}", mount_src.display()))?;
            let fstype = if buf[1024..1028] == 0xE0F5E1E2u32.to_le_bytes() {
                "erofs"
            } else {
                "squashfs"
            };
            mount(Some(&mount_src), &tgt_dir, fstype, None).await;
            Ok(())
        })
        .await;
        if !self.lower_dir.is_empty() {
            self.lower_dir.push(':');
@@ -495,8 +504,10 @@ async fn mount_filesystems(mounts: &[dkl::Mount], root: &str) {
 }
 async fn setup_root_user(user: &dkl::RootUser, root: &str) -> Result<()> {
-    if let Some(pw_hash) = user.password_hash.as_ref().filter(|v| !v.is_empty()) {
+    if let Some(pw_hash) = user.password_hash.as_ref()
-        set_user_password("root", &pw_hash, root).await?;
+        && !pw_hash.is_empty()
    {
        set_user_password("root", pw_hash, root).await?;
    }
    let mut authorized_keys = Vec::new();
@@ -1,4 +1,4 @@
-use eyre::{format_err, Result};
+use eyre::{Result, format_err};
 use log::{error, info, warn};
 use std::collections::BTreeSet as Set;
 use std::process::Stdio;
@@ -6,7 +6,7 @@ use tokio::io::AsyncWriteExt;
 use tokio::process::Command;
 use tokio::sync::Mutex;
-use super::{retry_or_ignore, USED_DEVS};
+use super::{USED_DEVS, retry_or_ignore};
 use crate::blockdev::{is_uninitialized, uninitialize};
 use crate::fs::walk_dir;
 use crate::input;
@@ -1,8 +1,8 @@
-use eyre::{format_err, Result};
+use eyre::{Result, format_err};
 use log::{error, info, warn};
 use tokio::process::Command;
-use super::{exec, retry, retry_or_ignore, USED_DEVS};
+use super::{USED_DEVS, exec, retry, retry_or_ignore};
 use crate::fs::walk_dir;
 use crate::{blockdev, lvm};
 use dkl::bootstrap::{Config, Filesystem, LvSize, LvmLV, LvmPV, LvmVG, TAKE_ALL};
@@ -31,7 +31,7 @@ pub async fn setup(cfg: &Config) {
            if (lvs.iter()).any(|lv| lv.equal_name(vg_name, lv_name)) {
                info!("LVM LV {vg_name}/{lv_name} exists");
            } else {
-                retry_or_ignore(async || setup_lv(&vg, &lv).await).await;
+                retry_or_ignore(async || setup_lv(vg, lv).await).await;
            }
        }
    }
@@ -40,7 +40,7 @@ pub async fn setup(cfg: &Config) {
    for vg in &cfg.lvm {
        for lv in &vg.lvs {
-            retry_or_ignore(async || format_lv(&vg, &lv).await).await;
+            retry_or_ignore(async || format_lv(vg, lv).await).await;
        }
    }
 }
@@ -115,20 +115,20 @@ async fn setup_lv(vg: &LvmVG, lv: &LvmLV) -> Result<()> {
    let mut cmd = Command::new("lvcreate");
    cmd.arg(&vg.name);
-    cmd.args(&["--name", &lv.name]);
+    cmd.args(["--name", &lv.name]);
    match &lv.size {
-        LvSize::Size(sz) => cmd.args(&["-L", sz]),
+        LvSize::Size(sz) => cmd.args(["-L", sz]),
-        LvSize::Extents(sz) => cmd.args(&["-l", sz]),
+        LvSize::Extents(sz) => cmd.args(["-l", sz]),
    };
    let raid = lv.raid.as_ref().unwrap_or(&vg.defaults.raid);
    if let Some(mirrors) = raid.mirrors {
-        cmd.args(&["--mirrors", &mirrors.to_string()]);
+        cmd.args(["--mirrors", &mirrors.to_string()]);
    }
    if let Some(stripes) = raid.stripes {
-        cmd.args(&["--stripes", &stripes.to_string()]);
+        cmd.args(["--stripes", &stripes.to_string()]);
    }
    let status = cmd.status().await?;
@@ -147,7 +147,7 @@ async fn format_lv(vg: &LvmVG, lv: &LvmLV) -> Result<()> {
    let name = &format!("{}/{}", vg.name, lv.name);
    let dev = &format!("/dev/{name}");
-    if !blockdev::is_uninitialized(&dev).await? {
+    if !blockdev::is_uninitialized(dev).await? {
        info!("{dev} looks initialized");
        return Ok(());
    }
@@ -3,10 +3,10 @@ use log::{info, warn};
 use std::collections::BTreeSet as Set;
 use tokio::process::Command;
-use super::{format_err, retry_or_ignore, Result};
+use super::{Result, format_err, retry_or_ignore};
 use crate::{
    udev,
-    utils::{select_n_by_regex, select_n_by_udev, NameAliases},
+    utils::{NameAliases, select_n_by_regex, select_n_by_udev},
 };
 use dkl::bootstrap::{Config, Network};
@@ -50,7 +50,7 @@ async fn setup_network(net: &Network, assigned: &mut Set<String>) -> Result<()>
                "net",
                "INTERFACE",
                &udev_filter.clone().into(),
-                &assigned,
+                assigned,
            )
            .await?
        } else {
@@ -1,10 +1,6 @@
 use log::{info, warn};
-use std::fs;
+use std::{fs, io::Write, os::unix::fs::PermissionsExt, process::Stdio};
-use std::io::Write;
+use tokio::{net, process::Command};
 use std::os::unix::fs::PermissionsExt;
 use std::process::Stdio;
 use tokio::net;
 use tokio::process::Command;
 use super::retry_or_ignore;
 use dkl::bootstrap::{Config, SSHServer};
@@ -60,7 +56,7 @@ async fn handle_ssh_connections(listener: net::TcpListener, cfg: SSHServer) {
    }
    for opt in &options {
-        sshd_args.extend(["-o", &opt]);
+        sshd_args.extend(["-o", opt]);
    }
    let mut keygen_done = false;
@@ -3,7 +3,7 @@ use crate::input;
 pub async fn run() {
    tokio::spawn(async {
        // give a bit of time for stdout
-        use tokio::time::{sleep, Duration};
+        use tokio::time::{Duration, sleep};
        sleep(Duration::from_millis(200)).await;
        if let Err(e) = input::forward_requests_from_socket().await {
@@ -1,10 +1,9 @@
 use std::io::Write;
 use std::sync::{LazyLock, Mutex};
 use std::time::SystemTime;
-use tokio::sync::watch;
+use tokio::{io::AsyncWriteExt, sync::watch, task::JoinSet};
 use tokio::task::JoinSet;
-pub static LOG: LazyLock<Log> = LazyLock::new(Log::new);
+pub static LOG: LazyLock<Log> = LazyLock::new(Log::default);
 pub fn init() {
    log::set_logger(&*LOG).expect("set_logger should not fail");
@@ -19,8 +18,8 @@ pub struct Log {
    tasks: Mutex<Option<JoinSet<()>>>,
 }
-impl Log {
+impl Default for Log {
-    pub fn new() -> Self {
+    fn default() -> Self {
        let (tx, rx) = watch::channel(0);
        Self {
            start: SystemTime::now(),
@@ -30,7 +29,9 @@ impl Log {
            tasks: Mutex::new(Some(JoinSet::new())),
        }
    }
 }
 impl Log {
    pub fn spawn(&self, task: impl Future<Output = ()> + Send + 'static) {
        if let Some(tasks) = self.tasks.lock().unwrap().as_mut() {
            tasks.spawn(task);
@@ -47,7 +48,6 @@ impl Log {
    pub async fn copy_to<W: tokio::io::AsyncWrite + Unpin>(&self, mut out: W) {
        let mut log = self.subscribe();
        use tokio::io::AsyncWriteExt;
        while let Some(chunk) = log.next().await {
            let _ = out.write_all(&chunk).await;
            let _ = out.flush().await;
@@ -56,7 +56,8 @@ impl Log {
    pub async fn close(&self) {
        self.tx.lock().unwrap().take();
-        if let Some(tasks) = self.tasks.lock().unwrap().take() {
+        let tasks = self.tasks.lock().unwrap().take();
        if let Some(tasks) = tasks {
            tasks.join_all().await;
        }
    }
@@ -115,7 +116,7 @@ pub struct LogWatch<'t> {
 impl<'t> LogWatch<'t> {
    pub async fn next(&mut self) -> Option<Vec<u8>> {
        loop {
-            let new_pos = self.rx.borrow_and_update().clone();
+            let new_pos = *self.rx.borrow_and_update();
            if new_pos <= self.pos {
                if self.rx.changed().await.is_err() {
                    return None; // finished
@@ -14,7 +14,7 @@ pub async fn read_password(prompt: impl Display) -> String {
 }
 fn choice_char(s: &str) -> char {
-    s.chars().skip_while(|c| *c != '[').skip(1).next().unwrap()
+    s.chars().skip_while(|c| *c != '[').nth(1).unwrap()
 }
 #[test]
@@ -51,7 +51,7 @@ pub async fn read_choice<const N: usize>(choices: [&str; N]) -> char {
    loop {
        let line = read_line(&prompt).await;
-        let Some(ch) = line.chars().nth(0) else {
+        let Some(ch) = line.chars().next() else {
            continue;
        };
@@ -70,8 +70,9 @@ pub struct InputRequest {
 }
 pub type Reply = Arc<Mutex<Option<oneshot::Sender<String>>>>;
 type RequestSender = watch::Sender<Option<(InputRequest, Reply)>>;
-static REQ: LazyLock<Mutex<watch::Sender<Option<(InputRequest, Reply)>>>> = LazyLock::new(|| {
+static REQ: LazyLock<Mutex<RequestSender>> = LazyLock::new(|| {
    let (tx, _) = watch::channel(None);
    Mutex::new(tx)
 });
@@ -117,7 +118,7 @@ pub async fn answer_requests_from_stdin() {
        if req.hide {
            match termios::Termios::from_fd(0) {
                Ok(mut tio) => {
-                    saved_termios = Some(tio.clone());
+                    saved_termios = Some(tio);
                    tio.c_lflag &= !termios::ECHO;
                    if let Err(e) = termios::tcsetattr(0, termios::TCSAFLUSH, &tio) {
                        warn!("password may be echoed! {e}");
@@ -160,12 +161,12 @@ pub async fn answer_requests_from_stdin() {
        );
        // restore term if input was hidden
-        if let Some(tio) = saved_termios {
+        if let Some(tio) = saved_termios
-            if let Err(e) = termios::tcsetattr(0, termios::TCSAFLUSH, &tio) {
+            && let Err(e) = termios::tcsetattr(0, termios::TCSAFLUSH, &tio)
        {
            warn!("failed to restore pty attrs: {e}");
        }
    }
    }
 }
 const SOCKET_PATH: &str = "/run/init.sock";
@@ -1,4 +1,4 @@
-use eyre::{Result, format_err};
+use eyre::{format_err, Result};
 use tokio::process::Command;
 #[derive(Debug, serde::Deserialize, serde::Serialize)]
@@ -55,7 +55,7 @@ pub struct LV {
 impl LV {
    pub fn equal_name(&self, vg_name: &str, lv_name: &str) -> bool {
-        vg_name == &self.vg_name && lv_name == &self.lv_name
+        vg_name == self.vg_name && lv_name == self.lv_name
    }
 }
@@ -90,7 +90,7 @@ async fn report_cmd<T>(cmd: &str, find: fn(ReportObj) -> Option<Vec<T>>) -> Resu
        .await?;
    if !output.status.success() {
-        let stderr = String::from_utf8_lossy(&output.stderr.trim_ascii());
+        let stderr = String::from_utf8_lossy(output.stderr.trim_ascii());
        return Err(format_err!("{cmd} failed: {}", stderr));
    }
@@ -1,6 +1,8 @@
 use eyre::Result;
 use log::warn;
 use dkl::bootstrap::UdevFilter;
 pub struct Device {
    sysname: String,
    output: String,
@@ -41,7 +43,7 @@ pub fn get_devices(class: &str) -> Result<Vec<Device>> {
        let path = path.to_string_lossy();
        let output = std::process::Command::new("udevadm")
-            .args(&["info", &format!("--path={path}")])
+            .args(["info", &format!("--path={path}")])
            .stderr(std::process::Stdio::piped())
            .output()?;
@@ -102,10 +104,7 @@ pub struct Devs {
 impl<'t> Devs {
    pub fn iter(&'t self) -> impl Iterator<Item = Dev<'t>> {
-        self.data
+        self.data.split("\n\n").filter(|s| !s.is_empty()).map(Dev)
            .split("\n\n")
            .filter(|s| !s.is_empty())
            .map(|s| Dev(s))
    }
    pub fn of_subsystem(&'t self, subsystem: &str) -> impl Iterator<Item = Dev<'t>> {
@@ -174,7 +173,7 @@ pub enum Filter {
    False,
 }
-impl<'t> Filter {
+impl Filter {
    pub fn matches(&self, dev: &Dev) -> bool {
        match self {
            Self::False => false,
@@ -190,21 +189,22 @@ impl<'t> Filter {
    }
 }
-impl<'t> Into<Filter> for dkl::bootstrap::UdevFilter {
+impl From<UdevFilter> for Filter {
-    fn into(self) -> Filter {
+    fn from(filter: UdevFilter) -> Filter {
-        match self {
+        use UdevFilter::*;
-            Self::Has(p) => Filter::Has(p),
+        match filter {
-            Self::Eq(p, v) => Filter::Eq(p, v),
+            Has(p) => Filter::Has(p),
-            Self::Glob(p, pattern) => match glob::Pattern::new(&pattern) {
+            Eq(p, v) => Filter::Eq(p, v),
            Glob(p, pattern) => match glob::Pattern::new(&pattern) {
                Ok(pattern) => Filter::Glob(p, pattern),
                Err(e) => {
                    warn!("pattern {pattern:?} will never match: {e}");
                    Filter::False
                }
            },
-            Self::And(ops) => Filter::And(ops.into_iter().map(Self::into).collect()),
+            And(ops) => Filter::And(ops.into_iter().map(|op| op.into()).collect()),
-            Self::Or(ops) => Filter::Or(ops.into_iter().map(Self::into).collect()),
+            Or(ops) => Filter::Or(ops.into_iter().map(|op| op.into()).collect()),
-            Self::Not(op) => Filter::Not(Box::new((*op).into())),
+            Not(op) => Filter::Not(Box::new((*op).into())),
        }
    }
 }
@@ -66,7 +66,7 @@ impl NameAliases {
 pub fn select_n_by_regex<'t>(
    n: i16,
-    regexs: &Vec<String>,
+    regexs: &[String],
    nas: impl Iterator<Item = &'t NameAliases>,
 ) -> Vec<String> {
    // compile regexs
@@ -91,7 +91,7 @@ pub fn select_n_by_regex<'t>(
    }
 }
-pub async fn select_n_by_udev<'t>(
+pub async fn select_n_by_udev(
    n: i16,
    subsystem: &str,
    result_property: &str,
Author	SHA1	Message	Date
Mikaël Cluseau	30cdf9456b	chore: Release init version 2.6.10	2026-06-11 12:11:39 +02:00
Mikaël Cluseau	19193a9560	chore	2026-06-11 12:08:42 +02:00
Mikaël Cluseau	ee0ff1373f	factorize mounting read-only filesystems (squashfs, erofs)	2026-06-11 11:35:50 +02:00
Mikaël Cluseau	ee03452591	chore: Release init version 2.6.9	2026-06-09 16:06:20 +02:00
Mikaël Cluseau	7fef9eaf6c	add OVMF.fd	2026-06-09 16:06:14 +02:00
Mikaël Cluseau	6a9875fad5	init: symlink modules firmware	2026-06-09 16:05:19 +02:00
Mikaël Cluseau	6a8805346f	add example (but useful) dhcp initrd	2026-06-05 14:10:37 +02:00
Mikaël Cluseau	acb8f28ab7	cargo update	2026-06-04 19:09:28 +02:00
Mikaël Cluseau	d4ec6380f8	untar by ourselves	2026-06-04 19:08:54 +02:00
Mikaël Cluseau	3036b2f417	chore: Release init version 2.6.8	2026-06-02 06:38:05 +02:00
Mikaël Cluseau	e72e6a0b3b	seed: more atomic	2026-06-02 06:36:45 +02:00