proxmox-backup/src/server/command_socket.rs

use anyhow::{bail, format_err, Error};

use std::collections::HashMap;
use std::os::unix::io::AsRawFd;
use std::path::{PathBuf, Path};
use std::sync::Arc;

use futures::*;
use tokio::net::UnixListener;
use serde::Serialize;
use serde_json::Value;
use nix::sys::socket;

/// Listens on a Unix Socket to handle simple command asynchronously
fn create_control_socket<P, F>(path: P, func: F) -> Result<impl Future<Output = ()>, Error>
where
    P: Into<PathBuf>,
    F: Fn(Value) -> Result<Value, Error> + Send + Sync + 'static,
{
    let path: PathBuf = path.into();

    let backup_user = pbs_config::backup_user()?;
    let backup_gid = backup_user.gid.as_raw();

    let socket = UnixListener::bind(&path)?;

    let func = Arc::new(func);

    let control_future = async move {
        loop {
            let (conn, _addr) = match socket.accept().await {
                Ok(data) => data,
                Err(err) => {
                    eprintln!("failed to accept on control socket {:?}: {}", path, err);
                    continue;
                }
            };

            let opt = socket::sockopt::PeerCredentials {};
            let cred = match socket::getsockopt(conn.as_raw_fd(), opt) {
                Ok(cred) => cred,
                Err(err) => {
                    eprintln!("no permissions - unable to read peer credential - {}", err);
                    continue;
                }
            };

            // check permissions (same gid, root user, or backup group)
            let mygid = unsafe { libc::getgid() };
            if !(cred.uid() == 0 || cred.gid() == mygid || cred.gid() == backup_gid) {
                eprintln!("no permissions for {:?}", cred);
                continue;
            }

            let (rx, mut tx) = tokio::io::split(conn);

            let abort_future = super::last_worker_future().map(|_| ());

            use tokio::io::{AsyncBufReadExt, AsyncWriteExt};
            let func = Arc::clone(&func);
            let path = path.clone();
            tokio::spawn(futures::future::select(
                async move {
                    let mut rx = tokio::io::BufReader::new(rx);
                    let mut line = String::new();
                    loop {
                        line.clear();
                        match rx.read_line({ line.clear(); &mut line }).await {
                            Ok(0) => break,
                            Ok(_) => (),
                            Err(err) => {
                                eprintln!("control socket {:?} read error: {}", path, err);
                                return;
                            }
                        }

                        let response = match line.parse::<Value>() {
                            Ok(param) => match func(param) {
                                Ok(res) => format!("OK: {}\n", res),
                                Err(err) => format!("ERROR: {}\n", err),
                            }
                            Err(err) => format!("ERROR: {}\n", err),
                        };

                        if let Err(err) = tx.write_all(response.as_bytes()).await {
                            eprintln!("control socket {:?} write response error: {}", path, err);
                            return;
                        }
                    }
                }.boxed(),
                abort_future,
            ).map(|_| ()));
        }
    }.boxed();

    let abort_future = super::last_worker_future().map_err(|_| {});
    let task = futures::future::select(
        control_future,
        abort_future,
    ).map(|_: futures::future::Either<(Result<(), Error>, _), _>| ());

    Ok(task)
}


pub async fn send_command<P, T>(path: P, params: &T) -> Result<Value, Error>
where
    P: AsRef<Path>,
    T: ?Sized + Serialize,
{
    let mut command_string = serde_json::to_string(params)?;
    command_string.push('\n');
    send_raw_command(path.as_ref(), &command_string).await
}

pub async fn send_raw_command<P>(path: P, command_string: &str) -> Result<Value, Error>
where
    P: AsRef<Path>,
{
    use tokio::io::{AsyncBufReadExt, AsyncWriteExt};

    let mut conn = tokio::net::UnixStream::connect(path)
        .map_err(move |err| format_err!("control socket connect failed - {}", err))
        .await?;

    conn.write_all(command_string.as_bytes()).await?;
    if !command_string.as_bytes().ends_with(b"\n") {
        conn.write_all(b"\n").await?;
    }

    AsyncWriteExt::shutdown(&mut conn).await?;
    let mut rx = tokio::io::BufReader::new(conn);
    let mut data = String::new();
    if rx.read_line(&mut data).await? == 0 {
        bail!("no response");
    }
    if let Some(res) = data.strip_prefix("OK: ") {
        match res.parse::<Value>() {
            Ok(v) => Ok(v),
            Err(err) => bail!("unable to parse json response - {}", err),
        }
    } else if let Some(err) = data.strip_prefix("ERROR: ") {
        bail!("{}", err);
    } else {
        bail!("unable to parse response: {}", data);
    }
}

/// A callback for a specific commando socket.
pub type CommandoSocketFn = Box<(dyn Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static)>;

/// Tooling to get a single control command socket where one can register multiple commands
/// dynamically.
/// You need to call `spawn()` to make the socket active.
pub struct CommandoSocket {
    socket: PathBuf,
    commands: HashMap<String, CommandoSocketFn>,
}

impl CommandoSocket {
    pub fn new<P>(path: P) -> Self
        where P: Into<PathBuf>,
    {
        CommandoSocket {
            socket: path.into(),
            commands: HashMap::new(),
        }
    }

    /// Spawn the socket and consume self, meaning you cannot register commands anymore after
    /// calling this.
    pub fn spawn(self) -> Result<(), Error> {
        let control_future = create_control_socket(self.socket.to_owned(), move |param| {
            let param = param
                .as_object()
                .ok_or_else(|| format_err!("unable to parse parameters (expected json object)"))?;

            let command = match param.get("command") {
                Some(Value::String(command)) => command.as_str(),
                None => bail!("no command"),
                _ => bail!("unable to parse command"),
            };

            if !self.commands.contains_key(command) {
                bail!("got unknown command '{}'", command);
            }

            match self.commands.get(command) {
                None => bail!("got unknown command '{}'", command),
                Some(handler) => {
                    let args = param.get("args"); //.unwrap_or(&Value::Null);
                    (handler)(args)
                },
            }
        })?;

        tokio::spawn(control_future);

        Ok(())
    }

    /// Register a new command with a callback.
    pub fn register_command<F>(
        &mut self,
        command: String,
        handler: F,
    ) -> Result<(), Error>
    where
        F: Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static,
    {

        if self.commands.contains_key(&command) {
            bail!("command '{}' already exists!", command);
        }

        self.commands.insert(command, Box::new(handler));

        Ok(())
    }
}
switch from failure to anyhow Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2020-04-17 12:11:25 +00:00			`use anyhow::{bail, format_err, Error};`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
server: add CommandoSocket where multiple users can register commands This is a preparatory step to replace the task control socket with it and provide a "reopen log file" command for the rest server. Kept it simple by disallowing to register new commands after the socket gets spawned, this avoids the need for locking. If we really need that we can always wrap it in a Arc<RWLock<..>> or something like that, or even nicer, register at compile time. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2020-11-02 09:12:56 +00:00			`use std::collections::HashMap;`
			`use std::os::unix::io::AsRawFd;`
refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`use std::path::{PathBuf, Path};`
server: add CommandoSocket where multiple users can register commands This is a preparatory step to replace the task control socket with it and provide a "reopen log file" command for the rest server. Kept it simple by disallowing to register new commands after the socket gets spawned, this avoids the need for locking. If we really need that we can always wrap it in a Arc<RWLock<..>> or something like that, or even nicer, register at compile time. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2020-11-02 09:12:56 +00:00			`use std::sync::Arc;`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
server: add CommandoSocket where multiple users can register commands This is a preparatory step to replace the task control socket with it and provide a "reopen log file" command for the rest server. Kept it simple by disallowing to register new commands after the socket gets spawned, this avoids the need for locking. If we really need that we can always wrap it in a Arc<RWLock<..>> or something like that, or even nicer, register at compile time. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2020-11-02 09:12:56 +00:00			`use futures::*;`
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`use tokio::net::UnixListener;`
refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`use serde::Serialize;`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00			`use serde_json::Value;`
src/server/command_socket.rs: check control socket permissions 2019-04-11 08:51:59 +00:00			`use nix::sys::socket;`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
			`/// Listens on a Unix Socket to handle simple command asynchronously`
command socket: make create_control_socket private this is internal for now, use the comanndo socket struct implementation, and ideally not a new one but the existing ones created in the proxy and api daemons. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2020-11-02 18:23:18 +00:00			`fn create_control_socket<P, F>(path: P, func: F) -> Result<impl Future<Output = ()>, Error>`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`where`
			`P: Into<PathBuf>,`
			`F: Fn(Value) -> Result<Value, Error> + Send + Sync + 'static,`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00			`{`
			`let path: PathBuf = path.into();`
src/server/command_socket.rs: implement auto_remove flag Remove the socket file on close. 2019-04-09 09:47:23 +00:00
start new pbs-config workspace moved src/config/domains.rs 2021-09-02 10:47:11 +00:00			`let backup_user = pbs_config::backup_user()?;`
src/server/command_socket.rs: do not abort loop on client errors, allow backup gid 2020-05-07 06:24:48 +00:00			`let backup_gid = backup_user.gid.as_raw();`

cleanup: remove unnecessary 'mut' and '.clone()' Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com> 2020-12-04 10:53:34 +00:00			`let socket = UnixListener::bind(&path)?;`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`let func = Arc::new(func);`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`let control_future = async move {`
			`loop {`
src/server/command_socket.rs: do not abort loop on client errors, allow backup gid 2020-05-07 06:24:48 +00:00			`let (conn, _addr) = match socket.accept().await {`
			`Ok(data) => data,`
			`Err(err) => {`
			`eprintln!("failed to accept on control socket {:?}: {}", path, err);`
			`continue;`
			`}`
			`};`

src/server/command_socket.rs: check control socket permissions 2019-04-11 08:51:59 +00:00			`let opt = socket::sockopt::PeerCredentials {};`
src/server/command_socket.rs: do not abort loop on client errors, allow backup gid 2020-05-07 06:24:48 +00:00			`let cred = match socket::getsockopt(conn.as_raw_fd(), opt) {`
			`Ok(cred) => cred,`
			`Err(err) => {`
			`eprintln!("no permissions - unable to read peer credential - {}", err);`
			`continue;`
src/server/command_socket.rs: check control socket permissions 2019-04-11 08:51:59 +00:00			`}`
src/server/command_socket.rs: do not abort loop on client errors, allow backup gid 2020-05-07 06:24:48 +00:00			`};`

			`// check permissions (same gid, root user, or backup group)`
			`let mygid = unsafe { libc::getgid() };`
			`if !(cred.uid() == 0 \|\| cred.gid() == mygid \|\| cred.gid() == backup_gid) {`
			`eprintln!("no permissions for {:?}", cred);`
			`continue;`
src/server/command_socket.rs: check control socket permissions 2019-04-11 08:51:59 +00:00			`}`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`let (rx, mut tx) = tokio::io::split(conn);`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`let abort_future = super::last_worker_future().map(\|_\| ());`

			`use tokio::io::{AsyncBufReadExt, AsyncWriteExt};`
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`let func = Arc::clone(&func);`
			`let path = path.clone();`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`tokio::spawn(futures::future::select(`
			`async move {`
			`let mut rx = tokio::io::BufReader::new(rx);`
			`let mut line = String::new();`
			`loop {`
			`line.clear();`
			`match rx.read_line({ line.clear(); &mut line }).await {`
			`Ok(0) => break,`
			`Ok(_) => (),`
			`Err(err) => {`
			`eprintln!("control socket {:?} read error: {}", path, err);`
			`return;`
			`}`
			`}`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`let response = match line.parse::<Value>() {`
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`Ok(param) => match func(param) {`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`Ok(res) => format!("OK: {}\n", res),`
			`Err(err) => format!("ERROR: {}\n", err),`
			`}`
src/server/command_socket.rs: correctly handle/spawn handle parallel connections 2019-04-10 09:05:00 +00:00			`Err(err) => format!("ERROR: {}\n", err),`
			`};`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00
			`if let Err(err) = tx.write_all(response.as_bytes()).await {`
			`eprintln!("control socket {:?} write response error: {}", path, err);`
			`return;`
			`}`
			`}`
			`}.boxed(),`
			`abort_future,`
			`).map(\|_\| ()));`
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`}`
			`}.boxed();`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
			`let abort_future = super::last_worker_future().map_err(\|_\| {});`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00			`let task = futures::future::select(`
			`control_future,`
			`abort_future,`
update a chunk of stuff to the hyper release Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-12-12 14:27:07 +00:00			`).map(\|_: futures::future::Either<(Result<(), Error>, _), _>\| ());`
src/server/command_socket.rs: simple command socket 2019-04-08 15:59:39 +00:00
			`Ok(task)`
			`}`
src/server/worker_task.rs: implement abort_worker (via command_socket) 2019-04-10 10:42:24 +00:00

refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`pub async fn send_command<P, T>(path: P, params: &T) -> Result<Value, Error>`
			`where`
			`P: AsRef<Path>,`
			`T: ?Sized + Serialize,`
src/server/worker_task.rs: implement abort_worker (via command_socket) 2019-04-10 10:42:24 +00:00			`{`
refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`let mut command_string = serde_json::to_string(params)?;`
			`command_string.push('\n');`
			`send_raw_command(path.as_ref(), &command_string).await`
			`}`
src/server/worker_task.rs: implement abort_worker (via command_socket) 2019-04-10 10:42:24 +00:00
refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`pub async fn send_raw_command<P>(path: P, command_string: &str) -> Result<Value, Error>`
			`where`
			`P: AsRef<Path>,`
			`{`
			`use tokio::io::{AsyncBufReadExt, AsyncWriteExt};`
src/server/command_socket.rs: switch to async Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2019-08-23 13:00:18 +00:00
refactor send_command - refactor the combinators, - make it take a `&T: Serialize` instead of a Value, and allow sending the raw string via `send_raw_command`. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com> 2021-05-11 13:53:59 +00:00			`let mut conn = tokio::net::UnixStream::connect(path)`
			`.map_err(move \|err\| format_err!("control socket connect failed - {}", err))`
			`.await?;`

			`conn.write_all(command_string.as_bytes()).await?;`
			`if !command_string.as_bytes().ends_with(b"\n") {`
			`conn.write_all(b"\n").await?;`
			`}`

			`AsyncWriteExt::shutdown(&mut conn).await?;`
			`let mut rx = tokio::io::BufReader::new(conn);`
			`let mut data = String::new();`
			`if rx.read_line(&mut data).await? == 0 {`
			`bail!("no response");`
			`}`
			`if let Some(res) = data.strip_prefix("OK: ") {`
			`match res.parse::<Value>() {`
			`Ok(v) => Ok(v),`
			`Err(err) => bail!("unable to parse json response - {}", err),`
			`}`
			`} else if let Some(err) = data.strip_prefix("ERROR: ") {`
			`bail!("{}", err);`
			`} else {`
			`bail!("unable to parse response: {}", data);`
			`}`
src/server/worker_task.rs: implement abort_worker (via command_socket) 2019-04-10 10:42:24 +00:00			`}`
server: add CommandoSocket where multiple users can register commands This is a preparatory step to replace the task control socket with it and provide a "reopen log file" command for the rest server. Kept it simple by disallowing to register new commands after the socket gets spawned, this avoids the need for locking. If we really need that we can always wrap it in a Arc<RWLock<..>> or something like that, or even nicer, register at compile time. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> 2020-11-02 09:12:56 +00:00
			`/// A callback for a specific commando socket.`
			`pub type CommandoSocketFn = Box<(dyn Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static)>;`

			`/// Tooling to get a single control command socket where one can register multiple commands`
			`/// dynamically.`
			/// You need to call `spawn()` to make the socket active.
			`pub struct CommandoSocket {`
			`socket: PathBuf,`
			`commands: HashMap<String, CommandoSocketFn>,`
			`}`

			`impl CommandoSocket {`
			`pub fn new<P>(path: P) -> Self`
			`where P: Into<PathBuf>,`
			`{`
			`CommandoSocket {`
			`socket: path.into(),`
			`commands: HashMap::new(),`
			`}`
			`}`

			`/// Spawn the socket and consume self, meaning you cannot register commands anymore after`
			`/// calling this.`
			`pub fn spawn(self) -> Result<(), Error> {`
			`let control_future = create_control_socket(self.socket.to_owned(), move \|param\| {`
			`let param = param`
			`.as_object()`
			`.ok_or_else(\|\| format_err!("unable to parse parameters (expected json object)"))?;`

			`let command = match param.get("command") {`
			`Some(Value::String(command)) => command.as_str(),`
			`None => bail!("no command"),`
			`_ => bail!("unable to parse command"),`
			`};`

			`if !self.commands.contains_key(command) {`
			`bail!("got unknown command '{}'", command);`
			`}`

			`match self.commands.get(command) {`
			`None => bail!("got unknown command '{}'", command),`
			`Some(handler) => {`
			`let args = param.get("args"); //.unwrap_or(&Value::Null);`
			`(handler)(args)`
			`},`
			`}`
			`})?;`

			`tokio::spawn(control_future);`

			`Ok(())`
			`}`

			`/// Register a new command with a callback.`
			`pub fn register_command<F>(`
			`&mut self,`
			`command: String,`
			`handler: F,`
			`) -> Result<(), Error>`
			`where`
			`F: Fn(Option<&Value>) -> Result<Value, Error> + Send + Sync + 'static,`
			`{`

			`if self.commands.contains_key(&command) {`
			`bail!("command '{}' already exists!", command);`
			`}`

			`self.commands.insert(command, Box::new(handler));`

			`Ok(())`
			`}`
			`}`